Hi, Because - default lighttpd mod_auth does not provide additional information about source IP address when login attempt is wrong (as an example - while password guessing), i made some change in a source code.
here's how it looks by default: 2010-05-24 21:00:36: (http_auth.c.872) get_password failed and after patching: 2010-05-24 21:00:48: (http_auth.c.872) get_password failed , IP: xx.xx.xx.xx it is now possible to use as an example fail2ban - to prevent login/password bruteforce attacks please find attached http_auth.patch (tested at my th i686) (my first patch, so please be soft :) ) regards, --- Marcin Rybak http://marcinrybak.com
http_auth.patch
Description: Binary data
_______________________________________________ pld-devel-en mailing list [email protected] http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
