blacklist_to_modsec 1.0

Leave a reply

I’ve made a pretty big overhaul to ***blacklist_to_modsec|http://prwdot.org/docs/blacklisttomodsec.html***, my script for converting ***Jay Allen|http://www.jayallen.org/***’s master blacklist into ***mod_security|http://www.modsecurity.org/*** rules. Using blacklist_to_modsec with mod_security can help protect your blog from comment or trackback spam, whether you’re using WordPress, Movable Type, or something else. If you’re interested, read on.

This new version of my script uses ***Storable|http://search.cpan.org/~ams/Storable-2.13/*** to keep a stash of the current blacklist data in between runs. (Storable is a really cool and easy to use Perl module that lets you write any data structure to a file on disk, and then retrieve it later.) When the script runs, it checks for the data file. If it doesn’t exist, it is initialized with a fresh copy of the master blacklist. If it does exist, then a copy of the latest 100 changes is downloaded, and any additions or deletions are applied to the current stored blacklist in the order they were added. Once the local data file is in sync, it is used to write a fresh copy of the rules

There is also now a ‘-i’ switch to reinitialize the data file, if for some reason you want to do that.

I still have some work to do to make the script do less work if no changes are necessary, but this shouldn’t be too hard now that I have some persistence in place. All things considered, it really works quite well.

I’ve received feedback from a couple of people, but I’d certainly like to hear from others who may be using this script. Let me know how and where you are using it, and how, if at all, it’s helped you control spam. As always, please leave any comments, questions, or suggestions so that I can make the script work better for everyone.

One more note for the record: I believe, like many others, is that there is no magic bullet to cure spam. Putting one script or one plugin into practice is not going to cure spam for everyone. A holistic approach is best – using a combination of tools and techniques to achieve the best possible result. That being said, I personally try to use the smallest number of techniques that work well for my own situation. At the present time, prwdot.org is protected only by mod_security augmented with Jay Allen’s blacklist rules. This has stopped all but the very occasional spam from getting through, and it protects every dynamic script on my system from spam… not just Movable Type. Should a situation arise where it simply isn’t providing adequate protection, I will consider other measures.

***Read the documentation and download the code|http://prwdot.org/docs/blacklisttomodsec.html***

Leave a Reply

Your email address will not be published. Required fields are marked *