Mercurial > prosody-wiki
comparison mod_host_guard.wiki @ 247:012884e6ba5d
edited wiki to reflect changes.
| author | Marco Cirillo <maranda@lightwitch.org> |
|---|---|
| date | Tue, 20 Dec 2011 20:29:32 +0000 |
| parents | 8b15faa008e3 |
| children | 22f6a2a998cf |
comparison
equal
deleted
inserted
replaced
| 246:000cd449e801 | 247:012884e6ba5d |
|---|---|
| 1 #summary Granular remote host blacklisting plugin | 1 #summary Granular remote host blacklisting plugin |
| 2 #labels Stage-Stable | 2 #labels Stage-Stable |
| 3 | 3 |
| 4 = Details = | 4 = Details = |
| 5 | 5 |
| 6 As often it's undesiderable to employ whitelisting logics in public environments, this module let's you more selectively | 6 As often it's undesiderable to employ only whitelisting logics in public environments, this module let's you more selectively |
| 7 restrict access to your hosts (component or server host) either disallowing access completely or blacklisting certain sources. | 7 restrict access to your hosts (component or server host) either disallowing access completely (with optional exceptions) or |
| 8 blacklisting certain sources. | |
| 8 | 9 |
| 9 = Usage = | 10 = Usage = |
| 10 | 11 |
| 11 Copy the plugin into your prosody's modules directory. | 12 Copy the plugin into your prosody's modules directory. |
| 12 And add it between your enabled modules into the global section (modules_enabled): | 13 And add it between your enabled modules into the global section (modules_enabled): |
| 13 | 14 |
| 14 * The plugin can work either by blocking all remote access (s2s) to a certain resource (useful for components) | 15 * The plugin can work either by blocking all remote access (s2s) to a certain resource with optional exceptions (useful for components) |
| 15 * Or by selectively blocking certain remote hosts through blacklisting (by using host_guard_selective and host_guard_blacklisting) | 16 * Or by selectively blocking certain remote hosts through blacklisting (by using host_guard_selective and host_guard_blacklisting) |
| 16 | 17 |
| 17 Syntax: | 18 Module configuration syntax: |
| 18 {{{ | 19 {{{ |
| 19 host_guard_blockall = { "no_access.yourhost.com", "no_access2.yourhost.com" } | 20 host_guard_blockall = { "no_access.yourhost.com", "no_access2.yourhost.com" } |
| 21 host_guard_blockall_exceptions = { "i_can_access.no_access.yourhost.com" } | |
| 20 host_guard_selective = { "no_access_from_blsted.myhost.com", "no_access_from_blsted.mycomponent.com" } | 22 host_guard_selective = { "no_access_from_blsted.myhost.com", "no_access_from_blsted.mycomponent.com" } |
| 21 host_guard_blacklist = { "remoterogueserver.com", "remoterogueserver2.com" } | 23 host_guard_blacklist = { "remoterogueserver.com", "remoterogueserver2.com" } |
| 22 }}} | 24 }}} |
| 23 | 25 |
| 26 The above is updated when the server configuration is reloaded so that you don't need to restart the server. | |
| 27 | |
| 24 = Compatibility = | 28 = Compatibility = |
| 25 | 29 |
| 26 * Works with 0.8.x, successive versions and trunk. | 30 * Works with 0.8.x, successive versions and trunk. |