httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Behlendorf <br...@organic.com>
Subject Re: Things to do for 1.2beta release
Date Tue, 08 Oct 1996 21:21:06 GMT
On Tue, 8 Oct 1996, Rob Hartill wrote:
> Brian Behlendorf wrote:
> >
> >On Tue, 1 Oct 1996, Rob Hartill wrote:
> >> There's also my not universally liked, but veto-free "user-agents" patch
> >> (which has 3x+1), 
> >
> >Fine, let's do it.  It feels like configuration creep, but I suppose it's too
> >late to be extremely anal about that.  We'll make Apache 3.0's config file
> >language Perl or something in revenge.  :)
> 
> Mmmmm, donuts.

Or maybe M4.... :)

> >Give me the patch again and I'll go commit it.
> 
> *** mod_access.c.orig	Tue Sep 10 12:11:48 1996
> --- mod_access.c	Tue Sep 10 13:11:34 1996

Committed.

> >> and the patch to split "no_cache" into "no_cache" and
> >> "no_local_copy". The latter patch was mentioned in ApacheWeek as something
> >> that had been done, but AFAIK it has yet to be committed.
> >
> >Eh?  I don't remember this one.
> 
> "no_cache" had been borrowed to do stuff that it shouldn't have.

Committed.  

> >I think there was general consensus that this was a good idea, and I'm warming
> >up to the idea of using www.apache.org to try and catch them.  Though I'd
> >rather send them to cia.gov or cert.org or something :)  Send me a .conf
> >listing and a script to log the activity of those fools (to put in contrib) and 
> >I'll commit it.
> 
> Off the top of my head..
> 
> 
> <Location /cgi-bin/phf*>
>   <Limit GET PUT POST>
>   deny from all
>   </Limit>
>   ErrorDocument 403 http://www.apache.org/pfh_abuse_log.cgi
> </Location>

I took out the limits since they're unnecessary and put it, commented, in
access.conf-dist.

> #!/usr/local/bin/perl
> open(PHF, ">>/foo/bar/phf_log") || die "boo hoo, phf_log $!";
> print PHF "-----------\n";
> foreach $e (keys %ENV) {
>    print PHF "$e: $ENV{$e}\n";
> }
> close(PHF);
> print "Content-type: text/html\r\n\r\n<BLINK>Smile, you're on Candid Camera.</BLINK>\n";

I modified this above to only log 

  [$when] $ENV{REMOTE_ADDR} $ENV{REMOTE_HOST} $ENV{$HTTP_REFERER} $ENV{HTTP_USER_AGENT}

Anything else this really needs to log?  Enterprising folks could turn on
identd stuff I suppose.

	Brian

--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
brian@organic.com  www.apache.org  hyperreal.com  http://www.organic.com/JOBS


Mime
View raw message