I have released version 1.2 of blacklist_to_modsec, my script for parsing blacklist data files and converting them into ***mod_security|http://www.modsecurity.org/*** rules.
In this release, I have introduced support for having multiple blacklist sources. You can fetch blacklists via the web, or you can read them from local files. All of your sources will be aggregated and stored into one local blacklist.
There’s a lot of talk these days about website spam. I don’t think that a single tool like blacklist_to_modsec+mod_security can be 100% effective in stopping spam. I would encourage you to check out all of the options, and find the ones that work best for your situation. I think the best part about using blacklist_to_modsec with mod_security is that it can help protect any software running on your web server. Not just Movable Type, not just WordPress, but any dynamic script. Everything on your web server will be sitting behind a single wall of mod_security protection. And you can always install a second line of defense at the application level, if you feel like you need that extra security. Chad Everett has written some ***excellent Movable Type plugins|http://jayseae.cxliv.org/software.html***, and of course Jay Allen, the inspiration for blacklist_to_modsec, wrote ***MT-Blacklist|http://www.jayallen.org/projects/mt-blacklist/***.
Anyway, if you find this program useful, or have questions, concerns, suggestions, etc… please let me know. If you find it really useful, you can always visit the ***Stuff Peter Wants|http://prwdot.org/stuff_peter_wants.html*** page. 🙂
***Get more information, documentation, and download the code|http://prwdot.org/docs/blacklisttomodsec.html***
If you would like to keep track of updates to blacklist_to_modsec, visit the ***blacklist_to_modsec category page|http://prwdot.org/archives/cat_blacklist_to_modsec.html***, which has a link to the blacklist_to_modsec RSS feed.