bpalmen-httpbl 0.1.2 → 0.1.3
Sign up to get free protection for your applications and to get access to all the features.
- data/README +14 -4
- data/lib/httpbl.rb +17 -7
- metadata +1 -1
data/README
CHANGED
|
@@ -17,7 +17,7 @@ crawling, comment-spamming, dictionary attacks, and email-harvesting.
|
|
|
17
17
|
Installation
|
|
18
18
|
------------
|
|
19
19
|
|
|
20
|
-
gem install httpbl
|
|
20
|
+
gem install bpalmen-httpbl
|
|
21
21
|
|
|
22
22
|
Basic Usage
|
|
23
23
|
------------
|
|
@@ -33,7 +33,7 @@ To add HttpBL to your middleware stack, simply add the following to config.ru:
|
|
|
33
33
|
|
|
34
34
|
For Rails 2.3+ add the following to environment.rb:
|
|
35
35
|
|
|
36
|
-
|
|
36
|
+
require 'httpbl'
|
|
37
37
|
|
|
38
38
|
config.middleware.use HttpBL, :api_key => "YOUR API KEY"
|
|
39
39
|
|
|
@@ -51,7 +51,7 @@ To customize HttpBL's filtering behavior, use the available options:
|
|
|
51
51
|
:deny_types => [1, 2, 4],
|
|
52
52
|
:threat_level_threshold => 0,
|
|
53
53
|
:age_threshold => 5,
|
|
54
|
-
:blocked_search_engines => [0]
|
|
54
|
+
:blocked_search_engines => [0],
|
|
55
55
|
|
|
56
56
|
Available Options:
|
|
57
57
|
|
|
@@ -134,4 +134,14 @@ customize the particular types of suspicious activity you wish to thwart:
|
|
|
134
134
|
8: MSN
|
|
135
135
|
9: Yahoo
|
|
136
136
|
10: Cuil
|
|
137
|
-
11: InfoSeek
|
|
137
|
+
11: InfoSeek
|
|
138
|
+
|
|
139
|
+
:dns_timeout => 0.5
|
|
140
|
+
|
|
141
|
+
DNS requests to the Http:BL service should NEVER take this long, but if
|
|
142
|
+
they do, you can modify this setting to prevent the application from
|
|
143
|
+
hanging until a system default timeout. Of course, setting this timeout
|
|
144
|
+
too low will essentially disable the filter (but 0 is a bad idea), if responses
|
|
145
|
+
can't be returned from the API before the request is permitted, by default.
|
|
146
|
+
Best not to mess with it unless you know what you're doing - it's a safety
|
|
147
|
+
mechanism.
|
data/lib/httpbl.rb
CHANGED
|
@@ -8,8 +8,10 @@ class HttpBL
|
|
|
8
8
|
@options = {:blocked_search_engines => [],
|
|
9
9
|
:age_threshold => 10,
|
|
10
10
|
:threat_level_threshold => 2,
|
|
11
|
-
:deny_types => [1, 2, 4, 8, 16, 32, 64, 128]
|
|
12
11
|
# 8..128 aren't used as of 3/2009, but might be used in the future
|
|
12
|
+
:deny_types => [1, 2, 4, 8, 16, 32, 64, 128],
|
|
13
|
+
# DONT set this to 0
|
|
14
|
+
:dns_timeout => 0.5
|
|
13
15
|
}.merge(options)
|
|
14
16
|
raise "Missing :api_key for Http:BL middleware" unless @options[:api_key]
|
|
15
17
|
end
|
|
@@ -19,14 +21,22 @@ class HttpBL
|
|
|
19
21
|
end
|
|
20
22
|
|
|
21
23
|
def _call(env)
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
[403, {"Content-Type" => "text/html"}, "<h1>403 Forbidden</h1> Request IP is listed as suspicious by <a href='http://projecthoneypot.org/ip_#{ip}'>Project Honeypot</a>"]
|
|
24
|
+
request = Rack::Request.new(env)
|
|
25
|
+
bl_status = resolve(request.ip)
|
|
26
|
+
if bl_status and blocked?(bl_status)
|
|
27
|
+
[403, {"Content-Type" => "text/html"}, "<h1>403 Forbidden</h1> Request IP is listed as suspicious by <a href='http://projecthoneypot.org/ip_#{request.ip}'>Project Honeypot</a>"]
|
|
27
28
|
else
|
|
28
29
|
@app.call(env)
|
|
29
30
|
end
|
|
31
|
+
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
def resolve(ip)
|
|
35
|
+
query = @options[:api_key] + '.' + ip.split('.').reverse.join('.') + '.dnsbl.httpbl.org'
|
|
36
|
+
Timeout::timeout(@options[:dns_timeout]) do
|
|
37
|
+
Resolv::DNS.new.getaddress(query).to_s rescue nil
|
|
38
|
+
end
|
|
39
|
+
rescue Timeout::Error, Errno::ECONNREFUSED
|
|
30
40
|
end
|
|
31
41
|
|
|
32
42
|
def blocked?(response)
|
|
@@ -46,4 +56,4 @@ class HttpBL
|
|
|
46
56
|
return @blocked
|
|
47
57
|
end
|
|
48
58
|
|
|
49
|
-
end
|
|
59
|
+
end
|