annotate mod_block_registrations/README.markdown @ 5549:01a0b67a9afd

mod_http_oauth2: Add TODO about disabling password grant Per recommendation in draft-ietf-oauth-security-topics-23 it should at the very least be disabled by default. However since this is used by the Snikket web portal some care needs to be taken not to break this, unless it's already broken by other changes to this module.
author Kim Alvefur <zash@zash.se>
date Fri, 16 Jun 2023 00:06:53 +0200
parents 72f23107beb4
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1803
4d73a1a6ba68 Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents: 1782
diff changeset
1 Introduction
4d73a1a6ba68 Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents: 1782
diff changeset
2 ============
1782
29f3d6b7ad16 Import wiki pages
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3
1803
4d73a1a6ba68 Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents: 1782
diff changeset
4 On a server with public registration it is usually desirable to prevent
4d73a1a6ba68 Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents: 1782
diff changeset
5 registration of certain "reserved" accounts, such as "admin".
1782
29f3d6b7ad16 Import wiki pages
Kim Alvefur <zash@zash.se>
parents:
diff changeset
6
1803
4d73a1a6ba68 Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents: 1782
diff changeset
7 This plugin allows you to reserve individual usernames, or those
4d73a1a6ba68 Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents: 1782
diff changeset
8 matching certain patterns. It also allows you to ensure that usernames
4d73a1a6ba68 Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents: 1782
diff changeset
9 conform to a certain pattern.
1782
29f3d6b7ad16 Import wiki pages
Kim Alvefur <zash@zash.se>
parents:
diff changeset
10
1803
4d73a1a6ba68 Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents: 1782
diff changeset
11 Configuration
4d73a1a6ba68 Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents: 1782
diff changeset
12 =============
1782
29f3d6b7ad16 Import wiki pages
Kim Alvefur <zash@zash.se>
parents:
diff changeset
13
29f3d6b7ad16 Import wiki pages
Kim Alvefur <zash@zash.se>
parents:
diff changeset
14 Enable the module as any other:
29f3d6b7ad16 Import wiki pages
Kim Alvefur <zash@zash.se>
parents:
diff changeset
15
29f3d6b7ad16 Import wiki pages
Kim Alvefur <zash@zash.se>
parents:
diff changeset
16 modules_enabled = {
1803
4d73a1a6ba68 Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents: 1782
diff changeset
17 "block_registrations";
1782
29f3d6b7ad16 Import wiki pages
Kim Alvefur <zash@zash.se>
parents:
diff changeset
18 }
29f3d6b7ad16 Import wiki pages
Kim Alvefur <zash@zash.se>
parents:
diff changeset
19
29f3d6b7ad16 Import wiki pages
Kim Alvefur <zash@zash.se>
parents:
diff changeset
20 You can then set some options to configure your desired policy:
29f3d6b7ad16 Import wiki pages
Kim Alvefur <zash@zash.se>
parents:
diff changeset
21
5421
a58ba20b3a71 mod_block_registrations: Update description expansion of default list
Kim Alvefur <zash@zash.se>
parents: 2715
diff changeset
22 Option Default Description
a58ba20b3a71 mod_block_registrations: Update description expansion of default list
Kim Alvefur <zash@zash.se>
parents: 2715
diff changeset
23 ------------------------------ ------------------- -----------------------------------------------------------------------------------------------------------------------------------------------
a58ba20b3a71 mod_block_registrations: Update description expansion of default list
Kim Alvefur <zash@zash.se>
parents: 2715
diff changeset
24 block_registrations_users *See source code* A list of reserved usernames
a58ba20b3a71 mod_block_registrations: Update description expansion of default list
Kim Alvefur <zash@zash.se>
parents: 2715
diff changeset
25 block_registrations_matching `{ }` A list of [Lua patterns](http://www.lua.org/manual/5.1/manual.html#5.4.1) matching reserved usernames (slower than block_registrations_users)
a58ba20b3a71 mod_block_registrations: Update description expansion of default list
Kim Alvefur <zash@zash.se>
parents: 2715
diff changeset
26 block_registrations_require `nil` A pattern that registered user accounts MUST match to be allowed
1782
29f3d6b7ad16 Import wiki pages
Kim Alvefur <zash@zash.se>
parents:
diff changeset
27
29f3d6b7ad16 Import wiki pages
Kim Alvefur <zash@zash.se>
parents:
diff changeset
28 Some examples:
29f3d6b7ad16 Import wiki pages
Kim Alvefur <zash@zash.se>
parents:
diff changeset
29
29f3d6b7ad16 Import wiki pages
Kim Alvefur <zash@zash.se>
parents:
diff changeset
30 block_registrations_users = { "admin", "root", "xmpp" }
29f3d6b7ad16 Import wiki pages
Kim Alvefur <zash@zash.se>
parents:
diff changeset
31 block_registrations_matching = {
1803
4d73a1a6ba68 Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents: 1782
diff changeset
32 "master$" -- matches anything ending with master: postmaster, hostmaster, webmaster, etc.
1782
29f3d6b7ad16 Import wiki pages
Kim Alvefur <zash@zash.se>
parents:
diff changeset
33 }
2715
9b43b7fc3558 mod_block_registrations: fix example regex
tmolitor <thilo@eightysoft.de>
parents: 2272
diff changeset
34 block_registrations_require = "^[a-zA-Z0-9_.-]+$" -- Allow only simple ASCII characters in usernames
1803
4d73a1a6ba68 Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents: 1782
diff changeset
35
4d73a1a6ba68 Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents: 1782
diff changeset
36 Compatibility
4d73a1a6ba68 Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents: 1782
diff changeset
37 =============
1782
29f3d6b7ad16 Import wiki pages
Kim Alvefur <zash@zash.se>
parents:
diff changeset
38
5422
72f23107beb4 mod_block_registrations: Refresh Compatibility section
Kim Alvefur <zash@zash.se>
parents: 5421
diff changeset
39 ------ -------
72f23107beb4 mod_block_registrations: Refresh Compatibility section
Kim Alvefur <zash@zash.se>
parents: 5421
diff changeset
40 0.12 Works
72f23107beb4 mod_block_registrations: Refresh Compatibility section
Kim Alvefur <zash@zash.se>
parents: 5421
diff changeset
41 0.11 Work
72f23107beb4 mod_block_registrations: Refresh Compatibility section
Kim Alvefur <zash@zash.se>
parents: 5421
diff changeset
42 ------ -------