[Owasp-leaders] [Owasp-community] Fwd: Python based Apache Firewall and Log analyzer

Kristian Erik Hermansen kristian.hermansen at gmail.com
Sat Oct 4 19:02:21 UTC 2014


Fail2ban already does this and allows custom rules so you can generalize
rules for any log file. I don't see any benefit here.

Also, everyone should be using ModSecurity anyway because it is so powerful
and works with Apache, nginx, and even Microsoft IIS.

Please forgive the top post and HTML email from mobile...
--
Regards,

Kristian Erik Hermansen
https://www.linkedin.com/in/kristianhermansen
On Oct 2, 2014 2:33 PM, "johanna curiel curiel" <johanna.curiel at owasp.org>
wrote:

> Please follow this discussion in owasp-project-ideas at owasp.org:
>
> Dear Group,
>
> while working on securing an apache server there came a tiny idea to my
> mind which i would like to start as a project.
>
> The first code is already submitted here:
>
> https://github.com/johestephan/mypyapachefw
>
> Basic idea is a Loganalyzer working on Apache logs and blocking badguys
> via iptables.
> Currently it only works on Header informations about the client and blocks
> sqlmap, Python and Wget.
> I know that most ideas can be done with mod_security, but this led to some
> trouble with the bad designed webinterface :-)
>
> So, any ideas are welcome.
>
> Kind regards
>
> Joerg
>
> --
> You received this message because you are subscribed to the Google Groups
> "OWASP PROJECT IDEAS" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to owasp-project-ideas+unsubscribe at owasp.org.
> To post to this group, send email to owasp-project-ideas at owasp.org.
> To view this discussion on the web visit
> https://groups.google.com/a/owasp.org/d/msgid/owasp-project-ideas/526474be-b05b-4904-bbe3-9067ac4866a6%40owasp.org
> <https://groups.google.com/a/owasp.org/d/msgid/owasp-project-ideas/526474be-b05b-4904-bbe3-9067ac4866a6%40owasp.org?utm_medium=email&utm_source=footer>
> .
>
>
> _______________________________________________
> Owasp-community mailing list
> Owasp-community at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-community
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20141004/5cbb5b5c/attachment-0001.html>


More information about the OWASP-Leaders mailing list