Re: [mod-security-users] Include rules file per Directory
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Include rules file per Directory
|
From: Ivan R. <iva...@gm...> - 2006-04-19 19:56:22
|
On 4/19/06, Michael Shinn <mi...@go...> wrote: > On Wed, 2006-04-19 at 10:42 +0100, Ivan Ristic wrote: > > On 4/17/06, Justin Grindea <web...@sw...> wrote: > > > hi, > > > > > > I'm looking into using gotroot's blacklist.conf but would like to res= trict > > > processing rules in this file only to specific scripts that need it, = not load > > > it like any other rules file, since the load goes very high on a busy= server. > > > > You can do that, simply do something like: > > > > <Location /xyz> > > Include conf/blacklist.conf > > </Location> > > > > But using blacklist.conf is not a good idea (that's the one with many > > IP addresses in it?) > > blacklist.conf has all the spammer URLs in it. The next dev. release of ModSecurity will have the SURBL support. You should be able to use that to replace blacklist.conf, right (i.e. just do a single DNS lookup to verify a URI instead)? -- Ivan Ristic, Technical Director Thinking Stone, http://www.thinkingstone.com ModSecurity: Open source Web Application Firewall |
