William A. Rowe, Jr.
Fri, 22 Aug 2008 16:25:37 -0700
Niklas Edmundsson wrote:
On Fri, 22 Aug 2008, Nick Kew wrote:this is a form of authorization, it appears to fit in aaa. Perhaps evenwith a name in that scheme, such as mod_authz_hostlimit or something like that.I'd say that's stretching a point. But since I don't think I can suggest an existing category into which it fits: the nearest functions to it are in core! Something like modules/traffic/ would kind-of describe it, but as of now it would seem lonely there. I wonder if there's a case for modules/misc/ ?modules/limiters/ or something? That would cover a lot of things like concurrent requests-per-ip/mimetype, ratelimiting and so on but still isn't auth/access control...
This *is* access control, you are denying access, based on something other than user and password. mod_authn_hostname anyone? This fits neatly into the same general category.