Mod_Access_RBL

This module, intended for use with the Apache HTTP server, is based on the module mod_access and is distributed under the same copyright.

mod_access_rbl is a superset replacement for mod_access. The two modules cannot be used at the same time.

Source and a readme file are available from http://www.blars.org/mod_access_rbl.tar.gz. (This document is more up to date than the README.)

This document is aimed at people already familiar with compiling, installing, and configuring Apache httpd. Please refer to the Apache documentation if you are not familiar with it.

Installation:

Pass the options --disable-module=access --add-module=mod_access_rbl.c to configure, then build as normal.

Use:

This adds the options:
	allow via dns-server
	deny via dns-server
that can be used anywhere other allow and deny statements can be. The dns-server can be any DNS server that answers queries the way the MAPS RBL server does. (The IP address of the client, with the quads reversed, is prepended to the dns-server name before the DNS lookup. If an address is returned, there is a match.)

Example:

	order allow,deny
	allow from all
	deny via rbl.maps.vix.com
This will deny all requests from systems listed in the MAPS RBL. See http://mail-abuse.org/rbl/ for details on the MAPS RBL project.
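
The lookup described under "Use", as an added C example (not the module's own source): it builds the reversed-quad query name and treats any returned address as a match. The function names, the zone dnsbl.example and the stub resolver are assumptions made for illustration; only IPv4 clients are handled.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200112L  /* exposes getaddrinfo() under strict -std */
#endif
#include <arpa/inet.h>
#include <netdb.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

typedef int (*resolver_fn)(const char *name);  /* nonzero: name has an address */

/* Build "d.c.b.a.<zone>" from "a.b.c.d"; -1 if not IPv4 or out is too small. */
int rbl_query_name(const char *client_ip, const char *zone, char *out, size_t outlen)
{
    struct in_addr addr;
    unsigned char q[4];
    if (inet_pton(AF_INET, client_ip, &addr) != 1)
        return -1;
    memcpy(q, &addr.s_addr, 4);      /* network byte order: q[0]=a ... q[3]=d */
    int n = snprintf(out, outlen, "%d.%d.%d.%d.%s", q[3], q[2], q[1], q[0], zone);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

/* Live resolver: any lookup failure (NXDOMAIN, timeout) counts as no address. */
int dns_has_address(const char *name)
{
    struct addrinfo hints, *res = NULL;
    memset(&hints, 0, sizeof hints);
    hints.ai_family = AF_INET;
    if (getaddrinfo(name, NULL, &hints, &res) != 0)
        return 0;
    freeaddrinfo(res);
    return 1;
}

/* Constructed stand-in for a list server: only 127.0.0.2 is listed. */
int sample_resolver(const char *name)
{
    return strcmp(name, "2.0.0.127.dnsbl.example") == 0;
}

/* 1 = match, 0 = no match, -1 = no query could be formed from client_ip. */
int rbl_listed(const char *client_ip, const char *zone, resolver_fn resolve)
{
    char name[256];
    if (rbl_query_name(client_ip, zone, name, sizeof name) != 0)
        return -1;
    return resolve(name) ? 1 : 0;
}
```

Pass dns_has_address as the resolver for live lookups. Because a failed lookup is indistinguishable from "not listed" here, an unreachable list server results in no match.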

Error Page:

You should configure an alternate error page for "403 forbidden" that explains your access policy. Remember to exclude this error message from your access checks.

If you would rather give a warning prepended to your document than an error, it should be possible to make your 403 error page a CGI script that does what you want. Details on how to do so are beyond the scope of this document.

Performance impact:

This module will perform a DNS lookup every time a "deny via" (or "allow via") access is tested. Future versions may have a cache of recently tested systems.

Impact when not using this new feature should be negligible.

Module Status:

This module has been tested on Solaris 7, RedHat 6.1, and AIX 4.3.2, and on both Apache 1.13.11 and 1.13.12. It should still be considered experimental.

