Using mod_httpbl with WHM

[lane]

Has anyone set this up before? Has anyone used Project Honeypot before?

I can't find much of any documentation for this module but I would really like to set our server up to block Project Honeypot registered offenders. If anyone has set this up before and could spare a moment to tell me how it went that would be very cool of you.

## Edit ##

I forgot to provide the links to the software in case anyone is interested in trying it themselves:
http://www.projecthoneypot.org/httpbl_download.php
https://sourceforge.net/projects/httpbl/

[egillette]

Hey!

Sorry for the late reply to your post. . .but I've set this up for a few clients, and while the syntax is a bit complicated, it is very simple once you understand how it works, and what you want to block, etc.

Give me a shout if you still need help figuring it out.

Your first place to check though is yourdomain.com/httpbl_diagnostics/ -- that'll at least let you know if you've installed it properly.

Anyway, let me know. . .

[zushiba]

Forgive me if I'm resurrecting an old thread but I'm interested in this as well. I've installed it but I couldn't quite figure out where to put the basic configuration stuff

Code:

<IfModule mod_httpbl.c>
	HTTPBLRBLEnabled On
	HTTPBLLogDir /usr/local/apache/logs
	HTTPBLAccessKey mykey
</IfModule>

I put it in http.conf but I know any builds in WHM will smash that to pieces.

Note: I did search for custom directives and came up with this
but CustomDirectives < EasyApache3 < TWiki no longer exists and I don't know what else to look for.

[cPanelDon]

Forgive me if I'm resurrecting an old thread but I'm interested in this as well. I've installed it but I couldn't quite figure out where to put the basic configuration stuff

Code:

<IfModule mod_httpbl.c>
	HTTPBLRBLEnabled On
	HTTPBLLogDir /usr/local/apache/logs
	HTTPBLAccessKey mykey
</IfModule>

I put it in http.conf but I know any builds in WHM will smash that to pieces.

Note: I did search for custom directives and came up with this
but CustomDirectives < EasyApache3 < TWiki no longer exists and I don't know what else to look for.

I recommend using the Apache/httpd configuration include editor in WebHost Manager (WHM) to install the new (custom) directives: WHM: Main >> Service Configuration >> Apache Configuration >> Include Editor

I've submitted internal case 50742 to address the missing topic in the documentation; if I recall correctly, I believe the "EasyApache3/CustomDirectives" page served as an introduction to the following two topics:

• Custom Directives outside of a VirtualHost Tag
• Changes Contained within a VirtualHost Directive

[egillette]

Hey,

Also, just so you know, you don't have to edit httpd.conf directly. . .

You can just insert an include this line as follows:

Include /usr/local/apache/conf/mod_httpbl.conf

Then include the following within the mod_httpbl.conf

<code>
LoadModule /usr/local/apache/conf/mod_httpbl.so
HTTPBLRBLEnabled On
HTTPBLLogDir /usr/local/apache/logs
HTTPBLAccessKey mykey
</code>

This is how I ran it in my installation and countless client installations. . .

In addition, you can also run the distiller afterwards:

/usr/local/cpanel/bin/apache_conf_distiller --update

This will check your changes in. =0)

[egillette]

Hey,

Also, just in case you were talking about the actual configuration directives, you can configure it by using the syntax shown below for example (this is how I have mine configured):

Code:

HTTPBLDefaultAction allow
# Serve all search engines
HTTPBLRBLReqHandler 255:0-255:0-255:0 allow
# Deny any requests originating from IPs known to Project Honey Pot to be suspicious or offensive.
HTTPBLRBLReqHandler 255:0-255:0-255:255 deny
# Deny known exploiters (8) from using HTTP requests (4), and POST requests (2)
HTTPBLRBLReqHandler 4:0-255:0-255:8 deny
HTTPBLRBLReqHandler 2:0-255:0-255:8 deny
# Deny comment spammers (4) as well from submitting POST Requests (2), and HTTP Requests (4)
HTTPBLRBLReqHandler 4:0-255:0-255:4 deny
HTTPBLRBLReqHandler 2:0-255:0-255:4 deny
# Set by default, no need to set it below, so it's commented out.
#HTTPBLTestingURL /httpbl_diagnostics/

I find these settings work pretty effectively in both my server configuration and a bunch of different client server configurations in preventing comment spam, and otherwise -- the documentation for it is pretty detailed, but you won't find it as part of the source package.

I forget where I found it honestly, but it was pretty detailed, as it has lots of directives you can use.

If I manage to find it again, I'll post it here for you.

[hgrg]

thanks for the detailed explanation its really helpful.. im also going to give it a try..

[egillette]

No problem -- I help where I can. . .

I'm still attempting to locate the documentation I had found for it with all the directives and such. . .

If I manage to locate it, I'll post it here! =0)