| Name : apache-tools-blacklist-webclient
| |
| Version : 1.1.0
| Vendor : (none)
|
| Release : 1.guru.suse92
| Date : 2005-09-24 12:02:12
|
| Group : Productivity/Networking/Web/Servers
| Source RPM : apache-tools-1.1.0-1.guru.suse92.src.rpm
|
| Size : 0.02 MB
| |
| Packager : Pascal Bleser < guru_unixtech_be>
| |
| Summary : Interface between mod_security and the apache-tools blacklisting
|
Description :
This binary is an interface between mod_security and the blacklist script.
WARNING: the blacklist-webclient CGI is installed as SUID root !
It will pick up the REMOTE_ADDR from the environment and tell the blacklist
script to ban that address.
Use the script with caution. You should note that it is not possible to use
this script directly if you are using suEXEC (as it refuses to work with suid
scripts such as this one).
If you are executing external binaries based on user actions (i.e. a request
made to the web server) you should be aware that there is a danger of a
DoS. For example, if someone makes 100 HTTP requests every second, and every
request results in binary execution, depending on what these binaries do your
server may be overwhelmed. A much better blacklisting strategy, for example,
is to write IP addresses you want to ban to a text file, and call blacklist
from cron on every minute to process the list.
|
RPM found in directory: /packages/linux-pbone/ftp.gwdg.de/pub/linux/misc/suser-guru/rpm/9.2/RPMS/i686 |
