Go Down

Topic: Spam fighting request (Read 12224 times) previous topic - next topic


lol  ;D

let's make it official

@mellis: Have you tried mod_sec?

The server was having several issues last week



Nov 03, 2008, 04:26 pm Last Edit: Nov 03, 2008, 04:29 pm by madworm Reason: 1
It is basically something "like" SELinux or AppArmour for apache. A bunch (actually many) core rules are provided for checking http requests, code insertion hacks and so on. Didn't check if it also provides some anti D.O.S. features. Seems like a bitch to configure. There's also a rule generator which scans logfiles and is supposed to learn what's normal, but again a lot of reading I think. Some of the docs talk about tomcat java application servers accessed by apache. Sounds like big business web servers to me.

p.s. Hey, this swear word filter just zapped "hctib" :-)



mod_sec is like an application firewall for apache

When used correctly it can really cut down on forum spammers, injection attacks and all kinds of nasty things

/me recommends it :)

Go Up