mod_security

Security Audit and Trailing Functionality

Security Audit and Trailing Functionality

Functions

block_user(User, Port, Dir, Seconds) -> true | {error, Reason} block_user(User, Address, Port, Dir, Seconds) -> true | {error, Reason}
  • User = string()
  • Port = integer()
  • Address = {A,B,C,D} | string() | undefined
  • Dir = string()
  • Seconds = integer() | infinity
  • Reason = no_such_directory

block_user/4 and block_user/5 each blocks the user User from directory Dir for a specified amount of time.

list_auth_users(Port) -> Users | [] list_auth_users(Address, Port) -> Users | [] list_auth_users(Port, Dir) -> Users | [] list_auth_users(Address, Port, Dir) -> Users | []
  • Port = integer()
  • Address = {A,B,C,D} | string() | undefined
  • Dir = string()
  • Users = list() = [string()]

list_auth_users/1, list_auth_users/2, and list_auth_users/3 each returns a list of users that are currently authenticated. Authentications are stored for SecurityAuthTimeout seconds, and then discarded.

list_blocked_users(Port) -> Users | [] list_blocked_users(Address, Port) -> Users | [] list_blocked_users(Port, Dir) -> Users | [] list_blocked_users(Address, Port, Dir) -> Users | []
  • Port = integer()
  • Address = {A,B,C,D} | string() | undefined
  • Dir = string()
  • Users = list() = [string()]

list_blocked_users/1, list_blocked_users/2, and list_blocked_users/3 each returns a list of users that are currently blocked from access.

unblock_user(User, Port) -> true | {error, Reason} unblock_user(User, Address, Port) -> true | {error, Reason} unblock_user(User, Port, Dir) -> true | {error, Reason} unblock_user(User, Address, Port, Dir) -> true | {error, Reason}
  • User = string()
  • Port = integer()
  • Address = {A,B,C,D} | string() | undefined
  • Dir = string()
  • Reason = term()

unblock_user/2, unblock_user/3, and unblock_user/4 each removes the user User from the list of blocked users for Port (and Dir).

SecurityCallbackModule

The SecurityCallbackModule is a user-written module that can receive events from the mod_security Erlang web server API module. This module only exports the functions event/[4,5] which are described here.

Functions

Module:event(What, Port, Dir, Data) -> ignored Module:event(What, Address, Port, Dir, Data) -> ignored
  • What = atom()
  • Port = integer()
  • Address = {A,B,C,D} | string()
  • Dir = string()
  • Data = [Info]
  • Info = {Name, Value}

event/4 or event/5 is called whenever an event occurs in the mod_security Erlang web server API module. (event/4 is called if Address is undefined, otherwise event/5. Argument What specifies the type of event that has occurred and is one of the following reasons:

auth_fail

A failed user authentication.
user_block

A user is being blocked from access.
user_unblock

A user is being removed from the block list.

Note!

The event user_unblock is not triggered when a user is removed from the block list explicitly using the unblock_user function.