blacklist_to_modsec 1.6

I’ve released blacklist_to_modsec 1.6 tonight, with a couple nifty and useful updates.

  • Added functionality to run a sequence of user-specified commands to restart your Apache server, if desired. This is useful if you are running mod_security within your main Apache config file, since Apache must be restarted to read changes in external files.
  • Added functionality to force a MT-Blacklist master update, to make sure that your MTB database has the freshest rules before blacklist_to_modsec queries it. This is useful if, for whatever reason, your MTB database doesn’t regularly update itself. This also runs in the foreground, so it’s useful if you can’t have LaunchBackgroundTasks enabled for some reason. Use the -u switch to use this feature.
  • Cleaned up and clearly labeled the user-configurable settings in the code.
  • Changed the $make_backup variable into a command-line switch. NOTE: make sure that you are aware of this, and run with the -b switch if you want rule file backups!
  • Cleaned up the documentation a bit.

For more information on these updates, and to download the new code, go here.

P.S. In the future, I’ll probably use an external configuration file so that you don’t have to re-enter your config variables when upgrading the script. For now – sorry for the inconvenience.

4 thoughts on “blacklist_to_modsec 1.6

  1. Jake

    So far so good. Had trouble getting the restart apache command to work, but once I enclosed the commend in single quotes, it ran w/out trouble.

    So my restart line now looks like this:
    my @restart_commands = (‘service httpd restart’);

    And we’re good to go 🙂

    Thanks again for the great script!

    Reply
  2. Peter

    The documentation actually does indicate that the list of restart commands should be comma-separated, quote delimited, but I’ve rewritten that part just a bit to help clarify. Thanks for the feedback!

    Reply
  3. Dunc

    Just wanted to say thanks – I was drowning under the crushing blow of Comment and Trackback spam, before I found your Perl script. Although MT-Blacklist was keeping the spam off my blog the server couldn’t support spawning the multitude of cgi’s to feed the spammers. Now, I’m still getting hit (the logs tell me that) but it’s far less of a load on my server.

    Dunc

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *