Great post, Massimo!
Thanks
Paolo
On 18 Dic, 19:59, mdipierro <mdipie...@cs.depaul.edu> wrote:
> simple way to block attackers on Linux
>
> 1) give sudo access to user running web2py to /sbin/iptables
> 2) create a new app, let's call it "gatekeeper" with the following
> default.py controller
>
> def block():
> import os
> os.system('sudo iptables -I INPUT -s %s -j DROP' %
> request.client)
>
> 3) create a web2py routes.py file that maps suspicious URLs into the
> above action
>
> routes_in=[
> ['.*\.\..*','/gatekeeper/default/block'], # block clients
> attempting a directory traversal
> ['.*\.php','/gatekeeper/default/block'], # block clients
> looking for php scripts
> ]
>
> you can add your own filters using regular expressions.
>
> Massimo
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"web2py Web Framework" group.
To post to this group, send email to web2py@googlegroups.com
To unsubscribe from this group, send email to
web2py+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/web2py?hl=en
-~----------~----~----~----~------~----~------~--~---
