Comments on Block Spam, Preventing URL Injection And Block HTTP Attacks With mod_dnsblacklist

Block Spam, Preventing URL Injection And Block HTTP Attacks With mod_dnsblacklist

mod_dnsblacklist is a Lighttpd module that uses DNSBL to block spam relayed via web forms, prevent URL injection, block HTTP DDoS attacks from bots and generally protect your web service by denying access to known bad IP addresses.

Comments

By: Horst

In the lighttpd forum there is this thread, describing why it doesn't have to be a good idea to use this mod_dnsblacklist:

http://redmine.lighttpd.net/boards/3/topics/2416

Quote by stbuehler:

I guess it will be useful to some people, so just as a final note why this is not the right way to do it in general:
lighttpd is single threaded, and will handle all requests with this one thread. If you "block one request for 1 second", you block all requests for 1 second.
Now it may be "difficult" to get many IPv4 addresses to cause a DDoS (each new address will block lighttpd for some time), but when it comes to IPv6 you are doomed (I didn't look at your patch and I guess you don't support IPv6 anyway, but just as a thought).
So the real solution would be to do the DNS lookup asynchronously, which either requires you to do the lookup in another thread/process or have an async DNS lookup implementation which you can hook into lighttpd's event system.
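
Added example, not part of the comment above and not lighttpd or mod_dnsblacklist code: a single-threaded event loop in Python that shows the effect described in the quote, once with a blocking DNSBL lookup inside the request handler and once with the lookup moved to a worker thread. The resolver is simulated with a sleep so it runs offline; the zone `dnsbl.example`, the delay and all function names are assumptions made for the illustration.

```python
import asyncio
import ipaddress
import time

LOOKUP_DELAY = 0.2       # constructed: stands in for a slow DNSBL round trip
ZONE = "dnsbl.example"   # placeholder zone, not a real blacklist


def dnsbl_name(ip, zone=ZONE):
    """Build the DNSBL query name: reversed octets (IPv4) or nibbles (IPv6)."""
    addr = ipaddress.ip_address(ip)
    # reverse_pointer is e.g. "10.2.0.192.in-addr.arpa"; swap the suffix for the zone
    labels = addr.reverse_pointer.rsplit(".", 2)[0]
    return f"{labels}.{zone}"


def slow_lookup(name):
    """Simulated blocking resolver call; always answers 'not listed'."""
    time.sleep(LOOKUP_DELAY)
    return False


async def checked_request(ip, order, offload):
    name = dnsbl_name(ip)
    if offload:
        # Lookup runs in a worker thread; the event loop keeps serving others.
        loop = asyncio.get_running_loop()
        await loop.run_in_executor(None, slow_lookup, name)
    else:
        # Lookup runs on the only thread: every other connection waits too.
        slow_lookup(name)
    order.append(("checked", ip))


async def other_request(order):
    # A second client whose request needs no lookup at all.
    order.append(("served", "other-client"))


def run(offload):
    """Return the order in which the two requests finished."""
    async def main():
        order = []
        await asyncio.gather(
            checked_request("192.0.2.10", order, offload),
            other_request(order),
        )
        return order
    return asyncio.run(main())


if __name__ == "__main__":
    print("blocking lookup :", run(offload=False))
    print("offloaded lookup:", run(offload=True))
```

With the blocking lookup the second client is served only after the first client's lookup returns; with the lookup offloaded it is served immediately.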