Mercurial > prosody-wiki
annotate mod_host_guard.wiki @ 252:ec2b94f02b31
added wiki.
author | Marco Cirillo <maranda@lightwitch.org> |
---|---|
date | Fri, 06 Jan 2012 23:29:04 +0000 |
parents | 012884e6ba5d |
children | 22f6a2a998cf |
rev | line source |
---|---|
240 | 1 #summary Granular remote host blacklisting plugin |
2 #labels Stage-Stable | |
3 | |
4 = Details = | |
5 | |
247
012884e6ba5d
edited wiki to reflect changes.
Marco Cirillo <maranda@lightwitch.org>
parents:
240
diff
changeset
|
6 As often it's undesiderable to employ only whitelisting logics in public environments, this module let's you more selectively |
012884e6ba5d
edited wiki to reflect changes.
Marco Cirillo <maranda@lightwitch.org>
parents:
240
diff
changeset
|
7 restrict access to your hosts (component or server host) either disallowing access completely (with optional exceptions) or |
012884e6ba5d
edited wiki to reflect changes.
Marco Cirillo <maranda@lightwitch.org>
parents:
240
diff
changeset
|
8 blacklisting certain sources. |
240 | 9 |
10 = Usage = | |
11 | |
12 Copy the plugin into your prosody's modules directory. | |
13 And add it between your enabled modules into the global section (modules_enabled): | |
14 | |
247
012884e6ba5d
edited wiki to reflect changes.
Marco Cirillo <maranda@lightwitch.org>
parents:
240
diff
changeset
|
15 * The plugin can work either by blocking all remote access (s2s) to a certain resource with optional exceptions (useful for components) |
240 | 16 * Or by selectively blocking certain remote hosts through blacklisting (by using host_guard_selective and host_guard_blacklisting) |
17 | |
247
012884e6ba5d
edited wiki to reflect changes.
Marco Cirillo <maranda@lightwitch.org>
parents:
240
diff
changeset
|
18 Module configuration syntax: |
240 | 19 {{{ |
20 host_guard_blockall = { "no_access.yourhost.com", "no_access2.yourhost.com" } | |
247
012884e6ba5d
edited wiki to reflect changes.
Marco Cirillo <maranda@lightwitch.org>
parents:
240
diff
changeset
|
21 host_guard_blockall_exceptions = { "i_can_access.no_access.yourhost.com" } |
240 | 22 host_guard_selective = { "no_access_from_blsted.myhost.com", "no_access_from_blsted.mycomponent.com" } |
23 host_guard_blacklist = { "remoterogueserver.com", "remoterogueserver2.com" } | |
24 }}} | |
25 | |
247
012884e6ba5d
edited wiki to reflect changes.
Marco Cirillo <maranda@lightwitch.org>
parents:
240
diff
changeset
|
26 The above is updated when the server configuration is reloaded so that you don't need to restart the server. |
012884e6ba5d
edited wiki to reflect changes.
Marco Cirillo <maranda@lightwitch.org>
parents:
240
diff
changeset
|
27 |
240 | 28 = Compatibility = |
29 | |
30 * Works with 0.8.x, successive versions and trunk. |