Cheap VPS & Xen Server


Residential Proxy Network - Hourly & Monthly Packages

Block Spam, Preventing URL Injection And Block HTTP Attacks With mod_dnsblacklist


mod_dnsblacklist is a Lighttpd module that use DNSBL in order to block spam relay via web forms, preventing URL injection, block http DDoS attacks from bots and generally protecting your web service denying access to a known bad IP address. Official site:

http://www.lucaercoli.it/

To install it you must download the source code and compile by running these commands:

make mod_dnsblacklist.o

gcc -shared -o mod_dnsblacklist.so mod_dnsblacklist.o

/usr/bin/install -c mod_dnsblacklist.so /usr/local/lib/mod_dnsblacklist.so

The module accepts these directives:

dnsblacklist.method
Syntax:   dnsblacklist.method string
Supported: GET, POST, HEAD, OPTIONS, PUT and PROPFIND
Default:  POST

    The HTTP method on which the module acts

dnsblacklist.host
Syntax:   dnsblacklist.host string
Default:  sbl-xbl.spamhaus.org

    The address of the DNSBL used

dnsblacklist.message
Syntax:   dnsblacklist.message string
Default:  Your IP address is blacklisted!

    Error message displayed to the blocked user

Once installed you will need to enable it editing the Lighttpd’s configuration (/etc/lighttpd/lighttpd.conf). Here’s an example:

server.modules = (
…..
“mod_dnsblacklist”,
……

Finally you must restart the server

/etc/init.d/lighttpd restart

The default configuration will protect you from attacks performed with the POST method such spam relay via web forms and on your blog. To extend the protection and preventing URL injection put this in the configuration of Lighttpd:

dnsblacklist.method “GET,POST”

In order to change the error message shown to blocked users, you can use the directive “dnsblacklist.message” in this way:

dnsblacklist.message “Your custom message”

…and now fly light 😉

Comments

comments