Niklas Edmundsson wrote:
On Fri, 22 Aug 2008, Nick Kew wrote:
this is a form of authorization, it appears to fit in aaa. Perhaps even
with a name in that scheme, such as mod_authz_hostlimit or something
like that.
I'd say that's stretching a point. But since I don't think I can
suggest an existing category into which it fits: the nearest functions
to it are in core!
Something like modules/traffic/ would kind-of describe it, but as of
now it would seem lonely there. I wonder if there's a case for
modules/misc/ ?
modules/limiters/ or something? That would cover a lot of things like
concurrent requests-per-ip/mimetype, ratelimiting and so on but still
isn't auth/access control...
This *is* access control, you are denying access, based on something other
than user and password. mod_authn_hostname anyone? This fits neatly into
the same general category.
