Apache-BruteWatch
3 results

 view release on metacpan or  search on metacpan

Makefile.PL  view on Meta::CPAN 

use ExtUtils::MakeMaker;

# See lib/ExtUtils/MakeMaker.pm for details of how to influence
# the contents of the Makefile that is written.
## Please see file perltidy.ERR
WriteMakefile(
    NAME         => 'Apache::BruteWatch',
    VERSION_FROM => 'lib/Apache/BruteWatch.pm',          # finds $VERSION
    AUTHOR       => 'Rich Bowen (rbowen@rcbowen.com)',
    ABSTRACT     =>
      'Watch the Apache logs and notify of bruteforce password attacks',
    PREREQ_PM => {
        Test::More        => 0,
        Mail::Sendmail    => 0,
        DBI               => 0,
        Apache::Constants => 0,
    },
);

README  view on Meta::CPAN 

NAME
    Apache::BruteWatch - Watch the Apache logs and notify of bruteforce
    password attacks

VERSION
     $Revision: 1.2 $

SYNOPSIS
    Place the following in your "httpd.conf"

        PerlLogHandler Apache::BruteWatch

        PerlSetVar BruteDatabase     DBI:mysql:brutelog
        PerlSetVar BruteDataUser     username
        PerlSetVar BruteDataPassword password

        PerlSetVar BruteMaxTries     10
        PerlSetVar BruteMaxTime      30
        PerlSetVar BruteNotify       rbowen@example.com
        PerlSetVar BruteForgive      300

DESCRIPTION
    "mod_perl" log handler for warning you when someone is attempting a
    brute-force password attack on your web site.

Variables
    The following variables can be set in your Apache configuration file:

  BruteDatabase
    The DBI database name, such as "DBI:mysql:brutelog"

  BruteDataUser
    The database username

  BruteDataPassword
    The database password

  BruteMaxTries and BruteMaxTime
    Allow this many failed attempts in this much time. After that,
    notification will be sent. Time is in seconds.

  BruteNotify
    Email address to which notifications will be sent

  BruteForgive
    Failed login attempts will be cleaned up after they are this old. Units

lib/Apache/BruteWatch.pm  view on Meta::CPAN 

use strict;
use vars qw($VERSION);
use Apache::Constants qw( :common );
use DBI;
use Mail::Sendmail qw();

$VERSION = qw($Revision: 1.13 $) [1];

=head1 NAME

Apache::BruteWatch - Watch the Apache logs and notify of bruteforce password attacks

=head1 VERSION

 $Revision: 1.13 $

=head1 SYNOPSIS

Place the following in your C<httpd.conf>

    PerlLogHandler Apache::BruteWatch

    PerlSetVar BruteDatabase     DBI:mysql:brutelog
    PerlSetVar BruteDataUser     username
    PerlSetVar BruteDataPassword password

    PerlSetVar BruteMaxTries     10
    PerlSetVar BruteMaxTime      30
    PerlSetVar BruteNotify       rbowen@example.com
    PerlSetVar BruteForgive      300

=head1 DESCRIPTION

C<mod_perl> log handler for warning you when someone is attempting a
brute-force password attack on your web site.

=head1 Variables

The following variables can be set in your Apache configuration file:

=head2 BruteDatabase

The DBI database name, such as C<DBI:mysql:brutelog>

=head2 BruteDataUser

The database username

=head2 BruteDataPassword

The database password

=head2 BruteMaxTries and BruteMaxTime

Allow this many failed attempts in this much time. After that,
notification will be sent. Time is in seconds.

=head2 BruteNotify

Email address to which notifications will be sent

lib/Apache/BruteWatch.pm  view on Meta::CPAN 

    $sth->finish;

    return if $count;

    my $notify = $r->dir_config('BruteNotify');

    my $message = qq~
    Apache::BruteWatch

    It appears that the username $username is under a brute-force
    password attack.
    ~;

    my %mail = (
        To      => $notify,
        From    => $notify,
        Subject => "User $username under attack",
        Message => $message,
    );
    Mail::Sendmail::sendmail(%mail);



( run in 0.628 second using v1.01-cache-2.11-cpan-49f99fa48dc )