Hi,

This mail is more a request for a new feature than a bug ;-)

As many of you know, today there are tons of spam robots written for many different (web) applications and sadly, many of these applications have a very poor spam filtering system, or sometimes this support is only available in development versions (which you can't install on a production system).

So, how do you block these spam robots? Well, one week ago I decided to stop the spam I was receiving in Jaws Trac (dev.jaws-project.com). Of all the solutions that exist out there, I found that the best one was to install mod_security[1] in Apache and eureka! No more spam!

One of the nice features of mod_security is that it lets you log/deny/allow/redirect/otherstuff any attempted attack on your web server, web application or virtual host. It scans POST and GET requests, a thing that the rewrite stuff can't do (it only scans GET, IIRC).

Of course mod_security lets you do more than blocking spammers, but I decided to use it (Apache, sadly) to battle the spam I was receiving via Trac.

Why am I writing this to the list? Because it would be nice to have a feature like this in Cherokee, because sometimes you are running weak web applications[2] and you are out of weapons to beat the spammers/attackers and the only weapon you have is your web server.

For example, to block spam on Trac I did this (Apache):

#spam using mod_security
SecFilterEngine DynamicOnly
#we allow scanning POST (comments on trac are managed via POST)
SecFilterScanPOST On
#log
SecAuditLog /home/jaws/security_log
#Simple regexp rule, if it matches, it sends visitor to that URL
SecFilter "(free-space|freett|infused-solutions|quick-adult-links)" "deny,log,redirect:http://jaws-project.com/index.php?page/tracspam"
SecFilter "LEDdisplay" "deny,log,redirect:http://jaws-project.com/index.php?page/tracspam"

Cheers,

[1] http://www.modsecurity.org/
[2] I know there are many security 'geniuses' out there that will be thinking: "then don't run that kind of web application", but well, sometimes you need this kind of application if you are a developer and require it.

--
Pablo Fischer Sandoval (pablo [arroba/at] pablo.com.mx)
Cel: (044-55) 2689-6351
Fingerprint: 5973 0F10 543F 54AE 1E41 EC81 0840 A10A 74A4 E5C0
http://www.pablo.com.mx
http://www.jaws-project.com
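Added example, not part of the original mail and not mod_security or Cherokee code: a Python WSGI middleware sketching the behaviour the mail asks a web server to provide, scanning both the query string and the POST body against the mail's two patterns, logging the hit and redirecting. The class name, the `run` helper, the 1 MiB body cap, case-sensitive matching and the in-memory audit list are assumptions of this sketch.

```python
import io
import re
from urllib.parse import unquote_plus

# Patterns and redirect target copied from the mail's two SecFilter lines.
RULES = [re.compile(r"(free-space|freett|infused-solutions|quick-adult-links)"),
         re.compile(r"LEDdisplay")]
REDIRECT = "http://jaws-project.com/index.php?page/tracspam"
MAX_BODY = 1 << 20  # assumed 1 MiB cap so an oversized POST is not buffered


class SpamFilter:
    """WSGI middleware (hypothetical): scan GET and POST data, log and redirect on a match."""

    def __init__(self, app, audit_log):
        self.app = app
        self.audit_log = audit_log  # list-like sink standing in for the audit log file

    def __call__(self, environ, start_response):
        texts = [unquote_plus(environ.get("QUERY_STRING", ""))]
        if environ.get("REQUEST_METHOD") == "POST":
            length = int(environ.get("CONTENT_LENGTH") or 0)
            if length > MAX_BODY:
                start_response("413 Payload Too Large", [])
                return [b""]
            body = environ["wsgi.input"].read(length)
            environ["wsgi.input"] = io.BytesIO(body)  # hand the body back to the app
            # Decode percent-encoding before matching: form bodies arrive URL-encoded.
            texts.append(unquote_plus(body.decode("latin-1")))
        for text in texts:
            for rule in RULES:
                hit = rule.search(text)
                if hit:
                    self.audit_log.append((environ.get("PATH_INFO", ""), hit.group(0)))
                    start_response("302 Found", [("Location", REDIRECT)])
                    return [b""]
        return self.app(environ, start_response)


def run(method, query="", body=b""):
    """Send one constructed request through the filter; return (status, audit entries)."""
    seen, audit = [], []
    def app(environ, start_response):  # stand-in for the protected application
        start_response("200 OK", [])
        return [environ["wsgi.input"].read()]
    environ = {"REQUEST_METHOD": method, "QUERY_STRING": query, "PATH_INFO": "/ticket/1",
               "CONTENT_LENGTH": str(len(body)), "wsgi.input": io.BytesIO(body)}
    SpamFilter(app, audit)(environ, lambda status, headers: seen.append(status))
    return seen[0], audit
```

Matching runs on the percent-decoded text, so a body sent as `free%2Dspace` is still caught; a filter that only looked at the raw bytes would miss it.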
