lighttpd-1.4.26 mod_auth.patch
Marcin Rybak
marcin.rybak at gmail.com
Mon May 24 21:45:16 CEST 2010
Hi,
Because - default lighttpd mod_auth does not provide additional information
about source IP address when login attempt is wrong (as an example - while
password guessing), i made some change in a source code.
here's how it looks by default:
2010-05-24 21:00:36: (http_auth.c.872) get_password failed
and after patching:
2010-05-24 21:00:48: (http_auth.c.872) get_password failed , IP: xx.xx.xx.xx
it is now possible to use as an example fail2ban - to prevent login/password
bruteforce attacks
please find attached http_auth.patch (tested at my th i686) (my first patch,
so please be soft :) )
regards,
---
Marcin Rybak
http://marcinrybak.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: http_auth.patch
Type: application/octet-stream
Size: 495 bytes
Desc: not available
Url : /mailman/pipermail/pld-devel-en/attachments/20100524/b16d22d4/attachment.obj
More information about the pld-devel-en
mailing list