simple way to block attackers on Linux
1) give sudo access to user running web2py to /sbin/iptables
2) create a new app, let's call it "gatekeeper" with the following
default.py controller
def block():
import os
os.system('sudo iptables -I INPUT -s %s -j DROP' %
request.client)
3) create a web2py routes.py file that maps suspicious URLs into the
above action
routes_in=[
['.*\.\..*','/gatekeeper/default/block'], # block clients
attempting a directory traversal
['.*\.php','/gatekeeper/default/block'], # block clients
looking for php scripts
]
you can add your own filters using regular expressions.
Massimo
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"web2py Web Framework" group.
To post to this group, send email to web2py@googlegroups.com
To unsubscribe from this group, send email to
web2py+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/web2py?hl=en
-~----------~----~----~----~------~----~------~--~---
