You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Marc Perkel <ma...@perkel.com> on 2006/08/10 17:07:57 UTC

[users@httpd] Conditions based on reverse lookup

I'm running Apache 2.2. Here's what I want to do. I want to restrict 
access based on a failed reverse host lookup. For example, if the IP of 
the client fails revers lookup I want then to not be able to post.

Can that be done?


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Conditions based on reverse lookup

Posted by Joshua Slive <jo...@slive.ca>.

On 8/10/06, Marc Perkel <ma...@perkel.com> wrote:
>
>
> Joshua Slive wrote:
> > On 8/10/06, Marc Perkel <ma...@perkel.com> wrote:
> >> I'm running Apache 2.2. Here's what I want to do. I want to restrict
> >> access based on a failed reverse host lookup. For example, if the IP of
> >> the client fails revers lookup I want then to not be able to post.
> >>
> >> Can that be done?
> >
> > There's probably some module that does this, but a quick hack would be
> > HostnameLookups On
> > SetEnvIf Remote_Host [0-9]$ noname=1
> > <Location />
> > Order deny,allow
> > Deny from env=noname
> > </Location>
> >
> > This *will* slow down your server.
> >
> > Joshua.
> >
>
> I'm already looking up host names and it seems fast enough.
>
> How would I do this so that only POST is denied. I'm trying to reduce
> comment spam on blogs and BBS boards.

Inside the <Location> block, wrap the Order and Deny directives in a
<LimitExcept GET OPTIONS>.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Conditions based on reverse lookup

Posted by Marc Perkel <ma...@perkel.com>.


Joshua Slive wrote:
> On 8/10/06, Marc Perkel <ma...@perkel.com> wrote:
>> I'm running Apache 2.2. Here's what I want to do. I want to restrict
>> access based on a failed reverse host lookup. For example, if the IP of
>> the client fails revers lookup I want then to not be able to post.
>>
>> Can that be done?
>
> There's probably some module that does this, but a quick hack would be
> HostnameLookups On
> SetEnvIf Remote_Host [0-9]$ noname=1
> <Location />
> Order deny,allow
> Deny from env=noname
> </Location>
>
> This *will* slow down your server.
>
> Joshua.
>

I'm already looking up host names and it seems fast enough.

How would I do this so that only POST is denied. I'm trying to reduce 
comment spam on blogs and BBS boards.

Thanks in advance.



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Conditions based on reverse lookup

Posted by Joshua Slive <jo...@slive.ca>.

On 8/10/06, Marc Perkel <ma...@perkel.com> wrote:
> I'm running Apache 2.2. Here's what I want to do. I want to restrict
> access based on a failed reverse host lookup. For example, if the IP of
> the client fails revers lookup I want then to not be able to post.
>
> Can that be done?

There's probably some module that does this, but a quick hack would be
HostnameLookups On
SetEnvIf Remote_Host [0-9]$ noname=1
<Location />
Order deny,allow
Deny from env=noname
</Location>

This *will* slow down your server.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org