bpalmen-httpbl 0.1.5 → 0.1.6
Sign up to get free protection for your applications and to get access to all the features.
- data/README +22 -2
- data/lib/httpbl.rb +2 -1
- metadata +2 -2
data/README
CHANGED
|
@@ -13,11 +13,12 @@ crawling, comment-spamming, dictionary attacks, and email-harvesting.
|
|
|
13
13
|
behavior after a customizable period of days.
|
|
14
14
|
* Identify common search engines by IP address (not User-Agent), and
|
|
15
15
|
disallow access to a specific subset.
|
|
16
|
+
* Optionally use memcached to avoid repeated look-ups per client-session
|
|
16
17
|
|
|
17
18
|
Installation
|
|
18
19
|
------------
|
|
19
20
|
|
|
20
|
-
gem install
|
|
21
|
+
gem install httpbl
|
|
21
22
|
|
|
22
23
|
Basic Usage
|
|
23
24
|
------------
|
|
@@ -52,11 +53,13 @@ To customize HttpBL's filtering behavior, use the available options:
|
|
|
52
53
|
:threat_level_threshold => 0,
|
|
53
54
|
:age_threshold => 5,
|
|
54
55
|
:blocked_search_engines => [0],
|
|
56
|
+
:memcached_server => "127.0.0.1:11211",
|
|
57
|
+
:memcached_options => {see: memcached-client documentation}
|
|
55
58
|
|
|
56
59
|
Available Options:
|
|
57
60
|
|
|
58
61
|
The following options (shown with default values) are available to
|
|
59
|
-
customize the
|
|
62
|
+
customize the behavior of the httpbl middleware filter:
|
|
60
63
|
|
|
61
64
|
:deny_types => [1, 2, 4, 8, 16, 32, 64, 128]
|
|
62
65
|
|
|
@@ -136,6 +139,23 @@ customize the particular types of suspicious activity you wish to thwart:
|
|
|
136
139
|
10: Cuil
|
|
137
140
|
11: InfoSeek
|
|
138
141
|
|
|
142
|
+
:memcached_server => nil
|
|
143
|
+
:memcached_options => {}
|
|
144
|
+
|
|
145
|
+
When using httpbl in a production environment, it is *strongly* recommended
|
|
146
|
+
that you configure httpbl to use memcached to temporarily store the blacklist
|
|
147
|
+
status of client ip addresses. This greatly enhances the efficiency of the
|
|
148
|
+
filter because it need only look up each client ip address once per session,
|
|
149
|
+
instead of once per request. It also reduces the potential burden of a
|
|
150
|
+
popular web application that uses httpbl on project honeypot's api services.
|
|
151
|
+
|
|
152
|
+
Simply set :memcached_server and :memcached_options according to the
|
|
153
|
+
conventions of the memcache-client ruby library; for example:
|
|
154
|
+
:memcached_server => '127.0.0.1:11211', :memcached_options => {:namespace => 'my_app'}
|
|
155
|
+
|
|
156
|
+
memcache-client is included in rails by default, but if you're using rack
|
|
157
|
+
without rails, you will need to install and require the memcache-client gem.
|
|
158
|
+
|
|
139
159
|
:dns_timeout => 0.5
|
|
140
160
|
|
|
141
161
|
DNS requests to the Http:BL service should NEVER take this long, but if
|
data/lib/httpbl.rb
CHANGED
|
@@ -10,7 +10,8 @@ class HttpBL
|
|
|
10
10
|
:threat_level_threshold => 2,
|
|
11
11
|
:deny_types => [1, 2, 4, 8, 16, 32, 64, 128], # 8..128 aren't used as of 3/2009, but might be used in the future
|
|
12
12
|
:dns_timeout => 0.5,
|
|
13
|
-
:memcached_server => nil
|
|
13
|
+
:memcached_server => nil,
|
|
14
|
+
:memcached_options => {}
|
|
14
15
|
}.merge(options)
|
|
15
16
|
raise "Missing :api_key for Http:BL middleware" unless @options[:api_key]
|
|
16
17
|
if @options[:memcached_server]
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: bpalmen-httpbl
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Brandon Palmen
|
|
@@ -9,7 +9,7 @@ autorequire:
|
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
11
|
|
|
12
|
-
date: 2009-05-
|
|
12
|
+
date: 2009-05-28 00:00:00 -07:00
|
|
13
13
|
default_executable:
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|