# HG changeset patch # User Marco Cirillo # Date 1324412972 0 # Node ID 012884e6ba5d7c920e0aa98e1c5690d8f98c8471 # Parent 000cd449e80197f92f34dfae31ff3934283ceb66 edited wiki to reflect changes. diff -r 000cd449e801 -r 012884e6ba5d mod_host_guard.wiki --- a/mod_host_guard.wiki Mon Dec 19 18:56:08 2011 +0000 +++ b/mod_host_guard.wiki Tue Dec 20 20:29:32 2011 +0000 @@ -3,24 +3,28 @@ = Details = -As often it's undesiderable to employ whitelisting logics in public environments, this module let's you more selectively -restrict access to your hosts (component or server host) either disallowing access completely or blacklisting certain sources. +As often it's undesiderable to employ only whitelisting logics in public environments, this module let's you more selectively +restrict access to your hosts (component or server host) either disallowing access completely (with optional exceptions) or +blacklisting certain sources. = Usage = Copy the plugin into your prosody's modules directory. And add it between your enabled modules into the global section (modules_enabled): - * The plugin can work either by blocking all remote access (s2s) to a certain resource (useful for components) + * The plugin can work either by blocking all remote access (s2s) to a certain resource with optional exceptions (useful for components) * Or by selectively blocking certain remote hosts through blacklisting (by using host_guard_selective and host_guard_blacklisting) -Syntax: +Module configuration syntax: {{{ host_guard_blockall = { "no_access.yourhost.com", "no_access2.yourhost.com" } +host_guard_blockall_exceptions = { "i_can_access.no_access.yourhost.com" } host_guard_selective = { "no_access_from_blsted.myhost.com", "no_access_from_blsted.mycomponent.com" } host_guard_blacklist = { "remoterogueserver.com", "remoterogueserver2.com" } }}} +The above is updated when the server configuration is reloaded so that you don't need to restart the server. + = Compatibility = * Works with 0.8.x, successive versions and trunk.