mod_security

Security Audit and Trailing Functionality

Security Audit and Trailing Functionality

Functions


list_auth_users(Port) -> Users | []

list_auth_users(Address, Port) -> Users | []

list_auth_users(Port, Dir) -> Users | []

list_auth_users(Address, Port, Dir) -> Users | []

  • Port = integer()
  • Address = {A,B,C,D} | string() | undefined
  • Dir = string()
  • Users = list() = [string()]

list_auth_users/1, list_auth_users/2 and list_auth_users/3 returns a list of users that are currently authenticated. Authentications are stored for SecurityAuthTimeout seconds, and are then discarded.

list_blocked_users(Port) -> Users | []

list_blocked_users(Address, Port) -> Users | []

list_blocked_users(Port, Dir) -> Users | []

list_blocked_users(Address, Port, Dir) -> Users | []

  • Port = integer()
  • Address = {A,B,C,D} | string() | undefined
  • Dir = string()
  • Users = list() = [string()]

list_blocked_users/1, list_blocked_users/2 and list_blocked_users/3 returns a list of users that are currently blocked from access.

block_user(User, Port, Dir, Seconds) -> true | {error, Reason}

block_user(User, Address, Port, Dir, Seconds) -> true | {error, Reason}

  • User = string()
  • Port = integer()
  • Address = {A,B,C,D} | string() | undefined
  • Dir = string()
  • Seconds = integer() | infinity
  • Reason = no_such_directory

block_user/4 and block_user/5 blocks the user User from the directory Dir for a specified amount of time.

unblock_user(User, Port) -> true | {error, Reason}

unblock_user(User, Address, Port) -> true | {error, Reason}

unblock_user(User, Port, Dir) -> true | {error, Reason}

unblock_user(User, Address, Port, Dir) -> true | {error, Reason}

  • User = string()
  • Port = integer()
  • Address = {A,B,C,D} | string() | undefined
  • Dir = string()
  • Reason = term()

unblock_user/2, unblock_user/3 and unblock_user/4 removes the user User from the list of blocked users for the Port (and Dir) specified.

The SecurityCallbackModule

The SecurityCallbackModule is a user written module that can receive events from the mod_security Erlang Webserver API module. This module only exports one function, event/4, which is described below.

Functions


event(What, Port, Dir, Data) -> ignored

event(What, Address, Port, Dir, Data) -> ignored

  • What = atom()
  • Port = integer()
  • Address = {A,B,C,D} | string() <v>Dir = string()
  • What = [Info]
  • Info = {Name, Value}

event/4 or event/4 is called whenever an event occurs in the mod_security Erlang Webserver API module (event/4 is called if Address is undefined and event/5 otherwise). The What argument specifies the type of event that has occurred, and should be one of the following reasons; auth_fail (a failed user authentication), user_block (a user is being blocked from access) or user_unblock (a user is being removed from the block list).

Note!

Note that the user_unblock event is not triggered when a user is removed from the block list explicitly using the unblock_user function.