[Zope] newbie q: how to block IP
Dylan Reinhardt
zope@dylanreinhardt.com
Wed, 12 Feb 2003 12:19:39 -0800
You already got the very best answer you're going to get on this one: use
squid or another cache/proxy.
That's because blocking IPs is usually the wrong answer to the wrong
question. The very few number of applications where it's appropriate are
best accomplished by a program like squid that has the facilities to detect
"red flag" requests. It's something you almost surely want to do
dynamically in response to particular behavior.
So... the short answer, really, is you may want to think up a different
strategy. There are a number of existing ways of dealing with abusive
users and odds are you'll be far better off making use of those than
crafting your own solution.
However... if you really must have a hosts_deny kind of thing for your
Zope, I'd read up on Access Rules and implement it that way.
HTH,
Dylan
At 10:40 AM 2/12/2003, Sungmook Kim wrote:
>Is this how I block an IP Adress?
>All I want is just to block or ban some IP Addresses
>to maybe a specific page or the whole website.
>I know that with REQUEST[`REMOTE_ADDR`] you can find
>out one's ip address. but what i am looking is for a
>code or any function which allows me to block certain
>IP that I chose.
>cheers
>
> --- Toby Dickenson <tdickenson@geminidataloggers.com>
>schrieb: > On Wednesday 12 February 2003 2:34 pm,
>Sungmook Kim
> > wrote:
> > > hi!
> > >
> > > i have this guestbook similar to what is shown in
> > the
> > > zope book.
> > > i'd like to know if there are possibilities to
> > write a
> > > script or a code which blocks unwanted ip
> > addresses.
> > > thanks
> >
> > For protectiong a single page you can check
> > REQUEST[`REMOTE_ADDR`], or in Zope
> > 2.7 REQUEST.getClientAddr()
> >
> > If you really care about security then it is best to
> > run Zope behind a proxy
> > such as squid, pound, or apache. All these proxies
> > have IP address filtering.
> >
> > --
> > Toby Dickenson
> > http://www.geminidataloggers.com/people/tdickenson
> >
> > _______________________________________________
> > Zope maillist - Zope@zope.org
> > http://mail.zope.org/mailman/listinfo/zope
> > ** No cross posts or HTML encoding! **
> > (Related lists -
> > http://mail.zope.org/mailman/listinfo/zope-announce
> > http://mail.zope.org/mailman/listinfo/zope-dev )
>
>__________________________________________________________________
>
>Gesendet von Yahoo! Mail - http://mail.yahoo.de
>Bis zu 100 MB Speicher bei http://premiummail.yahoo.de
>
>_______________________________________________
>Zope maillist - Zope@zope.org
>http://mail.zope.org/mailman/listinfo/zope
>** No cross posts or HTML encoding! **
>(Related lists -
> http://mail.zope.org/mailman/listinfo/zope-announce
> http://mail.zope.org/mailman/listinfo/zope-dev )