mod_security
http://www.modsecurity.org/
its not using mod_perl -- but there's no reason to
On Apr 11, 2007, at 9:47 AM, Martijn wrote:
Hello.
Like everyone who runs a web sever, I find that occasionally -and more
often than I'd like- the web server get a lot of requests (thousands)
within a short of period of time from the same IP address. I don't
mind a sudden increase interest in the website, but this usually means
someone is doing something bad.
I thought mod_perl should be able to deal with such (ab)users and send
them away if they know on our door too many times. So I did some
research and stumbled upon a Perl module called Stonehenge::Throttle
which is described here:
http://www.stonehenge.com/merlyn/LinuxMag/col17.html
It sounds all nice and interesting, but the article is from 2000 and
when I search for the module name, Google has hardly any other
results. Which could mean that either it works so perfectly well that
no one even bothered to write a documentation, or that it is outdated,
replaced by something better and shouldn't be used anymore. My guess
would be the latter.
Which made me wonder: is there a nice way to use mod_perl to keep evil
visitors away? Preferably using heuristics rather than a black list of
bad IP addresses.
Martijn
// Jonathan Vanasco
| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - -
| FindMeOn.com - The cure for Multiple Web Personality Disorder
| Web Identity Management and 3D Social Networking
| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - -
| RoadSound.com - Tools For Bands, Stuff For Fans
| Collaborative Online Management And Syndication Tools
| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - -