httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Gruno <rum...@cord.dk>
Subject Re: [users@httpd] allow from based on database query (2.4)
Date Mon, 26 Mar 2012 20:12:17 GMT
On 26-03-2012 16:41, brainbuz wrote:
>
> mod_gatekeeper sounds like it does exactly what I was looking for I 
> will try it.
>
I took the liberty of taking this example one step further, implementing 
it into the mod_auth group so you can use it within a Require block. The 
module in its current form can be found at 
http://people.apache.org/~humbedooh/authz_dynamic.html and the 
directives would look something like this:

# Require a line from /foo/bar/allowed_ips.txt to match the IP:
Require fromfile REMOTE_ADDR /foo/bar/allowed_ips.txt

# Or require an SQL statement to return a result. (all values are 
escaped, don't worry)
DBDriver mysql
DBDParams host=localhost,dbname=mydatabase,user=root
Require fromdb REMOTE_ADDR "SELECT `ip` FROM `ips` WHERE `ip` = '%s' 
LIMIT 1"

This new example requires mod_dbd loaded in order to work, but also 
offers the option of being able to check against a database of your 
choice for the list of IPs to allow/deny.

*Note:* This is a (personal) work in progress (or rather, it's a 
proposed solution), so there will be places that need more work in order 
to become effective, but if you just need something basic to compare IPs 
against a list or a database, it'll work better than the previous 
gatekeeper example.

With regards,
Daniel.

Mime
View raw message