Block Spam, Preventing URL Injection And Block HTTP Attacks With mod_dnsblacklist

mod_dnsblacklist is a Lighttpd module that use DNSBL in order to block spam relay via web forms, preventing URL injection, block http DDoS attacks from bots and generally protecting your web service denying access to a known bad IP address. Official site:

http://www.lucaercoli.it/

To install it you must download the source code and compile by running these commands:

make mod_dnsblacklist.o

gcc -shared -o mod_dnsblacklist.so mod_dnsblacklist.o

/usr/bin/install -c mod_dnsblacklist.so /usr/local/lib/mod_dnsblacklist.so

The module accepts these directives:

dnsblacklist.method
Syntax:   dnsblacklist.method string
Supported: GET, POST, HEAD, OPTIONS, PUT and PROPFIND
Default:  POST

The HTTP method on which the module acts

dnsblacklist.host
Syntax:   dnsblacklist.host string
Default:  sbl-xbl.spamhaus.org

The address of the DNSBL used

dnsblacklist.message
Syntax:   dnsblacklist.message string
Default:  Your IP address is blacklisted!

Error message displayed to the blocked user

Once installed you will need to enable it editing the Lighttpd’s configuration (/etc/lighttpd/lighttpd.conf). Here’s an example:

server.modules = (
…..
“mod_dnsblacklist”,
……

Finally you must restart the server

/etc/init.d/lighttpd restart

The default configuration will protect you from attacks performed with the POST method such spam relay via web forms and on your blog. To extend the protection and preventing URL injection put this in the configuration of Lighttpd:

dnsblacklist.method “GET,POST”

In order to change the error message shown to blocked users, you can use the directive “dnsblacklist.message” in this way:

dnsblacklist.message “Your custom message”

…and now fly light icon wink Block Spam, Preventing URL Injection And Block HTTP Attacks With mod dnsblacklist

Thue server vps
Tags: · ·
digg delicious stumbleupon technorati Google live facebook Sphinn Mixx newsvine reddit yahoomyweb