bpalmen-httpbl 0.1.5 → 0.1.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README +22 -2
- data/lib/httpbl.rb +2 -1
- metadata +2 -2
data/README
CHANGED
|
@@ -13,11 +13,12 @@ crawling, comment-spamming, dictionary attacks, and email-harvesting.
|
|
|
13
13
|
behavior after a customizable period of days.
|
|
14
14
|
* Identify common search engines by IP address (not User-Agent), and
|
|
15
15
|
disallow access to a specific subset.
|
|
16
|
+
* Optionally use memcached to avoid repeated look-ups per client-session
|
|
16
17
|
|
|
17
18
|
Installation
|
|
18
19
|
------------
|
|
19
20
|
|
|
20
|
-
gem install
|
|
21
|
+
gem install httpbl
|
|
21
22
|
|
|
22
23
|
Basic Usage
|
|
23
24
|
------------
|
|
@@ -52,11 +53,13 @@ To customize HttpBL's filtering behavior, use the available options:
|
|
|
52
53
|
:threat_level_threshold => 0,
|
|
53
54
|
:age_threshold => 5,
|
|
54
55
|
:blocked_search_engines => [0],
|
|
56
|
+
:memcached_server => "127.0.0.1:11211",
|
|
57
|
+
:memcached_options => {see: memcached-client documentation}
|
|
55
58
|
|
|
56
59
|
Available Options:
|
|
57
60
|
|
|
58
61
|
The following options (shown with default values) are available to
|
|
59
|
-
customize the
|
|
62
|
+
customize the behavior of the httpbl middleware filter:
|
|
60
63
|
|
|
61
64
|
:deny_types => [1, 2, 4, 8, 16, 32, 64, 128]
|
|
62
65
|
|
|
@@ -136,6 +139,23 @@ customize the particular types of suspicious activity you wish to thwart:
|
|
|
136
139
|
10: Cuil
|
|
137
140
|
11: InfoSeek
|
|
138
141
|
|
|
142
|
+
:memcached_server => nil
|
|
143
|
+
:memcached_options => {}
|
|
144
|
+
|
|
145
|
+
When using httpbl in a production environment, it is *strongly* recommended
|
|
146
|
+
that you configure httpbl to use memcached to temporarily store the blacklist
|
|
147
|
+
status of client ip addresses. This greatly enhances the efficiency of the
|
|
148
|
+
filter because it need only look up each client ip address once per session,
|
|
149
|
+
instead of once per request. It also reduces the potential burden of a
|
|
150
|
+
popular web application that uses httpbl on project honeypot's api services.
|
|
151
|
+
|
|
152
|
+
Simply set :memcached_server and :memcached_options according to the
|
|
153
|
+
conventions of the memcache-client ruby library; for example:
|
|
154
|
+
:memcached_server => '127.0.0.1:11211', :memcached_options => {:namespace => 'my_app'}
|
|
155
|
+
|
|
156
|
+
memcache-client is included in rails by default, but if you're using rack
|
|
157
|
+
without rails, you will need to install and require the memcache-client gem.
|
|
158
|
+
|
|
139
159
|
:dns_timeout => 0.5
|
|
140
160
|
|
|
141
161
|
DNS requests to the Http:BL service should NEVER take this long, but if
|
data/lib/httpbl.rb
CHANGED
|
@@ -10,7 +10,8 @@ class HttpBL
|
|
|
10
10
|
:threat_level_threshold => 2,
|
|
11
11
|
:deny_types => [1, 2, 4, 8, 16, 32, 64, 128], # 8..128 aren't used as of 3/2009, but might be used in the future
|
|
12
12
|
:dns_timeout => 0.5,
|
|
13
|
-
:memcached_server => nil
|
|
13
|
+
:memcached_server => nil,
|
|
14
|
+
:memcached_options => {}
|
|
14
15
|
}.merge(options)
|
|
15
16
|
raise "Missing :api_key for Http:BL middleware" unless @options[:api_key]
|
|
16
17
|
if @options[:memcached_server]
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: bpalmen-httpbl
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Brandon Palmen
|
|
@@ -9,7 +9,7 @@ autorequire:
|
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
11
|
|
|
12
|
-
date: 2009-05-
|
|
12
|
+
date: 2009-05-28 00:00:00 -07:00
|
|
13
13
|
default_executable:
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|