The InspIRCd Project
Home | Developers | Wiki | Forums | Bug Tracker | SVN | Download | Blog | Stats
Personal tools

Modules/httpd acl

From the makers of InspIRCd.

Jump to: navigation, search


Description
This module adds access control lists to the m_httpd module and other modules that depend upon it. Access control lists may be built from IP blacklists, IP whitelists, and usernames and passwords.
Configuration Tags
This module adds the following configuration tag: 
<httpdacl path="/stats*" types="password,whitelist" username="secretstuff" password="mypasshere" whitelist="127.0.0.*,10.*">

Defines an access control list.

  • path: The pathname to apply the access control list to. Wildcards may be used.
  • types: The access control types to apply, allowed types are password, whitelist and blacklist. When multiple access control types are specified, whitelist supercedes all types, followed by blacklist then password. All types must be successfully matched (or not matched, in the case of a blacklist!) to allow access.
  • whitelist: A comma seperated list of whitelisted IP addresses, checked in order given, if the whitelist type is specified in types.
  • blacklist: A comma seperated list of blacklisted IP addresses, checked in order given, if the blacklist type is specified in types.
  • username: The HTTP Authentication scheme username to use for validating access to this resource, if password is specified as a type in the types field.
  • password: The HTTP Authentication scheme password to use for validating access to this resource, if password is specified as a type in the types field.

You may define multiple httpdacl tags, which will be read and checked in the order specified in the configuration files.

Additional Modes
None
Additional Commands
None
Special Notes
It is strongly recommended you make good use of this module to lock down any other m_httpd modules against their content being read by those who should not be reading them.
Examples

Restrict access to the m_httpd_stats module to all but the local network and when the correct password is specified: 

 <httpdacl path="/stats*" types="password,whitelist"
  username="secretstuff" password="mypasshere" whitelist="127.0.0.*,10.*">

Deny all connections to all but the main index page: 

<httpdacl path="/*" types="blacklist" blacklist="*">
Dependencies
The HTTP Server Module
Retrieved from "http://inspircd.org/wiki/Modules/httpd_acl"
head
Advertisement
head
head