19982013 Ericsson AB. All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. mod_security Mattias Nilsson 1997-11-18 1.0 mod_security.sgml
mod_security Security Audit and Trailing Functionality

Security Audit and Trailing Functionality

 block_user(User, Port, Dir, Seconds) -> true | {error, Reason} block_user(User, Address, Port, Dir, Seconds) -> true | {error, Reason} Blocks a user from access to a directory for a certain amount of time. User = string() Port = integer() Address = {A,B,C,D} | string() | undefined Dir = string() Seconds = integer() | infinity Reason = no_such_directory

block_user/4 and block_user/5 each blocks the user User from directory Dir for a specified amount of time.

 list_auth_users(Port) -> Users | [] list_auth_users(Address, Port) -> Users | [] list_auth_users(Port, Dir) -> Users | [] list_auth_users(Address, Port, Dir) -> Users | [] Lists users that have authenticated within the SecurityAuthTimeout time for a given address (if specified), port number, and directory (if specified). Port = integer() Address = {A,B,C,D} | string() | undefined Dir = string() Users = list() = [string()]

list_auth_users/1, list_auth_users/2, and list_auth_users/3 each returns a list of users that are currently authenticated. Authentications are stored for SecurityAuthTimeout seconds, and then discarded.

 list_blocked_users(Port) -> Users | [] list_blocked_users(Address, Port) -> Users | [] list_blocked_users(Port, Dir) -> Users | [] list_blocked_users(Address, Port, Dir) -> Users | [] Lists users that are currently blocked from access to a specified port number, for a given address (if specified). Port = integer() Address = {A,B,C,D} | string() | undefined Dir = string() Users = list() = [string()]

list_blocked_users/1, list_blocked_users/2, and list_blocked_users/3 each returns a list of users that are currently blocked from access.

 unblock_user(User, Port) -> true | {error, Reason} unblock_user(User, Address, Port) -> true | {error, Reason} unblock_user(User, Port, Dir) -> true | {error, Reason} unblock_user(User, Address, Port, Dir) -> true | {error, Reason} Removes a blocked user from the block list. User = string() Port = integer() Address = {A,B,C,D} | string() | undefined Dir = string() Reason = term()

unblock_user/2, unblock_user/3, and unblock_user/4 each removes the user User from the list of blocked users for Port (and Dir).
SecurityCallbackModule

The SecurityCallbackModule is a user-written module that can receive events from the mod_security Erlang web server API module. This module only exports the functions event/[4,5] which are described here.

Module:event(What, Port, Dir, Data) -> ignored Module:event(What, Address, Port, Dir, Data) -> ignored Called whenever an event occurs in mod_security. What = atom() Port = integer() Address = {A,B,C,D} | string() <v>Dir = string() Data = [Info] Info = {Name, Value}

event/4 or event/5 is called whenever an event occurs in the mod_security Erlang web server API module. (event/4 is called if Address is undefined, otherwise event/5. Argument What specifies the type of event that has occurred and is one of the following reasons:

auth_fail

A failed user authentication.

 user_block

A user is being blocked from access.

 user_unblock

A user is being removed from the block list.

The event user_unblock is not triggered when a user is removed from the block list explicitly using the unblock_user function.