Mercurial > prosody-wiki
changeset 247:012884e6ba5d
edited wiki to reflect changes.
author | Marco Cirillo <maranda@lightwitch.org> |
---|---|
date | Tue, 20 Dec 2011 20:29:32 +0000 |
parents | 000cd449e801 |
children | 7a0d1a7355f4 |
files | mod_host_guard.wiki |
diffstat | 1 files changed, 8 insertions(+), 4 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_host_guard.wiki Mon Dec 19 18:56:08 2011 +0000 +++ b/mod_host_guard.wiki Tue Dec 20 20:29:32 2011 +0000 @@ -3,24 +3,28 @@ = Details = -As often it's undesiderable to employ whitelisting logics in public environments, this module let's you more selectively -restrict access to your hosts (component or server host) either disallowing access completely or blacklisting certain sources. +As often it's undesiderable to employ only whitelisting logics in public environments, this module let's you more selectively +restrict access to your hosts (component or server host) either disallowing access completely (with optional exceptions) or +blacklisting certain sources. = Usage = Copy the plugin into your prosody's modules directory. And add it between your enabled modules into the global section (modules_enabled): - * The plugin can work either by blocking all remote access (s2s) to a certain resource (useful for components) + * The plugin can work either by blocking all remote access (s2s) to a certain resource with optional exceptions (useful for components) * Or by selectively blocking certain remote hosts through blacklisting (by using host_guard_selective and host_guard_blacklisting) -Syntax: +Module configuration syntax: {{{ host_guard_blockall = { "no_access.yourhost.com", "no_access2.yourhost.com" } +host_guard_blockall_exceptions = { "i_can_access.no_access.yourhost.com" } host_guard_selective = { "no_access_from_blsted.myhost.com", "no_access_from_blsted.mycomponent.com" } host_guard_blacklist = { "remoterogueserver.com", "remoterogueserver2.com" } }}} +The above is updated when the server configuration is reloaded so that you don't need to restart the server. + = Compatibility = * Works with 0.8.x, successive versions and trunk.