Just FYI: I am no longer actively using or maintaining the blacklist_to_modsec|http://prwdot.org/docs/blacklisttomodsec.html script. I am currently using Brad Choate|http://www.bradchoate.com/‘s SpamLookup|http://bradchoate.com/projects/spamlookup/ to block comment and trackback spam, and it’s working wonderfully.
If anyone is interested in taking over ownership and maintenance of blacklist_to_modsec, please let me know. Otherwise, this is the last you’ll hear about it.
Timothy Appnel|http://www.appnel.com/ has offered to take blacklist_to_modsec off of my hands. Contact him for any further information on the project.
In the last month and a half since releasing blacklist_to_modsec, I’ve collected a number of tips, caveats, and notes that will be valuable to anyone who uses blacklist_to_modsec, and in general anyone who wants to use mod_security to prevent website spam.
I’ve released blacklist_to_modsec 1.6 tonight, with a couple nifty and useful updates.
Tonight I’m releasing blacklist_to_modsec version 1.5. This update offers much-improved support if you want to pull your rules directly from your local MT-Blacklist|http://www.jayallen.org/projects/mt-blacklist/ database. This is mostly due to a parsing routine written by David Phillips|http://tweezersedge.com/, who has been invaluable in this project.
Well, it looks like the reason blacklist_to_modsec has been working so well for me is that I’m running Apache 2.x.
I have released version 1.4 of blacklist_to_modsec. It includes many important and useful changes, and is a recommended upgrade for all current users.
blacklist_to_modsec 1.3 brings the ability to pull in data from the MT-Blacklist database, as well as a few other small code tweaks….
I have released version 1.2 of blacklist_to_modsec, my script for parsing blacklist data files and converting them into mod_security|http://www.modsecurity.org/ rules.
blacklist_to_modsec 1.1 has a few useful changes:
- When updating from the ‘Latest Changes’ URL, the script now checks each change against the existing blacklist to see if it would have any effect. Only those changes which would cause a net difference in the existing blacklist are applied.
- The script now logs each change that is made to the existing blacklist when it is running an update.
As before, please share any questions, comments, or suggestions.
Download and documentation here|http://prwdot.org/docs/blacklisttomodsec.html
I’ve made a pretty big overhaul to blacklist_to_modsec|http://prwdot.org/docs/blacklisttomodsec.html, my script for converting Jay Allen|http://www.jayallen.org/‘s master blacklist into mod_security|http://www.modsecurity.org/ rules. Using blacklist_to_modsec with mod_security can help protect your blog from comment or trackback spam, whether you’re using WordPress, Movable Type, or something else. If you’re interested, read on.