Apache-AuthChecker
2 results

 view release on metacpan or  search on metacpan

AuthChecker.pm  view on Meta::CPAN 

    }
    
    if (defined($DB{$remote_ip})) {
        ($failed_attempts, $last_access) = 
            split(':', $DB{$remote_ip});
            
        $r->log_error("Stats IP: $remote_ip Attempts: $failed_attempts")
            if ($debug);
        
        if ($failed_attempts >= $max_failed_attempts) {
            $r->log_error("IP: $remote_ip is blocked. ".
                          "Auth attempts: $failed_attempts");
            $ignore_this_request = 1;
        }
    } else {
        $r->log_error("IP: $remote_ip not found in DB.")
            if ($debug);
    }
    

    if (!$ignore_this_request) {

AuthChecker.pm  view on Meta::CPAN 

=head1 SYNOPSIS

See README section.

=head1 README

Apache::AuthChecker - mod_perl based authentication module used to prevent
brute force attacks via HTTP authorization. It remembers IP addresses of any
user trying to authenticate for certain period of time. If user
runs out limit of failed attempts to authenticate - all his authentication
requests will be redirected to some URI (like this: /you_are_blocked.html).

Requirements: 

 1. Apache 1.3.x (2.x) with mod_perl 1.2x (2.x) enabled 
 2. IPC::Shareable perl module version 0.60 by BSUGARS. Probably it
    should work with other versions, but I did not test.

Installation:

 -from the directory where this file is located, type:

AuthChecker.pm  view on Meta::CPAN 

    require valid-user
                

 Parameters:

 AuthUserFile       - path to your passwords htpasswd-made file (REQUIRED).
 MaxFailedAttempts  - Maximum attempts we give user to mistype password 
                      (OPTIONAL, default - 8).
 RedirectURI        - URI (not URL!) to redirect attacker then he runs out 
                      attempts limit ((OPTIONAL, default - /). 
                      For example: /you_are_blocked.html


=head1 DESCRIPTION

Apache::AuthChecker - mod_perl based authentication module used to prevent
brute force attacks via HTTP authorization. It remembers IP addresses of any
user trying to authenticate for certain period of time. If user from this IP
runs out limit of failed attempts to authenticate - all his authentication
requests will be redirected to some URI (like this: /you_are_blocked.html).

=head1 PREREQUISITES

 1. Apache 1.3.x with mod_perl 1.2x enabled 
 2. IPC::Shareable perl module version 0.60 by BSUGARS. Probably it
    should work with other versions, but I did not test.

=head1 AUTHOR

Andre Yelistratov

README  view on Meta::CPAN 

# This package is distributed under GNU public license.
# See file COPYING for details.

Apache::AuthChecker - mod_perl based authentication module used to prevent
brute force attacks via HTTP authorization. It remembers IP addresses of any
user trying to authenticate for certain period of time. If user
runs out limit of failed attempts to authenticate - all his authentication
requests will be redirected to some URI (like this: /you_are_blocked.html).

Requirements: 

 1. Apache 1.3.x (2.x) with mod_perl 1.2x (2.x) enabled 
 2. IPC::Shareable perl module version 0.60 by BSUGARS. Probably it
    should work with other versions, but I did not test.

Installation:

 -from the directory where this file is located, type:

README  view on Meta::CPAN 

    require valid-user
                

 Parameters:

 AuthUserFile       - path to your passwords htpasswd-made file (REQUIRED).
 MaxFailedAttempts  - Maximum attempts we give user to mistype password 
                      (OPTIONAL, default - 8).
 RedirectURI        - URI (not URL!) to redirect attacker then he runs out 
                      attempts limit ((OPTIONAL, default - /). 
                      For example: /you_are_blocked.html



Andre Yelistratov 
 E-mail: andre@sundale.net
 ICQ: 9138065



( run in 0.518 second using v1.01-cache-2.11-cpan-49f99fa48dc )