mod_dosevasive是Apache的一个规避策略模块,它为Apache在遭受一个HTTP DoS或DDoS攻击或者强制
攻击事件时提供规避行动。
它也是一个检测和管理网络的工具,可以方便地配置以便与ipchains、网络防火墙、路由器等进行交互。
mod_dosevasive目前可以通过电子邮件和syslog等设施来报告滥用行为。
检测是通过创建一个IP地址和URI的内部动态哈希表,并拒绝任何单一的IP地址的以下行为:
* 每秒多次请求同一个页面
* 在同一个Apache Child上,每秒发起超过50个并发请求
* 在临时黑名单上(在阻止列表上)的IP,发起任意请求
这个方法对于单一服务器脚本攻击和分布式攻击同样行之有效,但是和其它规避工具一样,仅仅对保护带宽和
处理器消耗起作用(如,带宽总量和接收/处理/响应无效请求所需的处理器),因此,把它和你的网络防火
墙与路由器集成起来以达到最大保护,是个好主意。
这个模块为每个监听器单独地初始化一个实例,因此它有内建的清理机制和缩放功能。由于这种针对每个
Apache Child的设计,合法的请求从来不受影响(甚至是从代理和NAT地址),而仅仅针对脚本攻击。即使用户
重复地点击“刷新”也应该不受影响,除非他们不怀好意。mod_dosevasive完全通过Apache配置文件来配置,
很容易集成到你的web服务器上。
mod_vhs is an Apache Web Server module allowing mass virtual hosting without
the need for file based configuration. The virtual host paths are translated
using mod_ldap or mod_dbd to get the corrects path at request time.
Wt (pronounced as witty) is a C++ library for developing web applications.
The API is widget-centric and uses well-tested patterns of desktop GUI
development tailored to the web. To the developer, it offers abstraction of
many web-specific implementation details, including client-server protocols
(HTTP, Ajax, WebSockets), and frees the developer from tedious JavaScript
manipulations of HTML and dealing with cross-browser issues. Instead, with Wt,
you can focus on actual functionality with a rich set of feature-complete
widgets. Unlike old-school page-based frameworks or current-day single-page
JavaScript "frameworks", Wt allows you to create stateful applications that are
at the same time highly interactive (using WebSockets and Ajax for everything)
but still support plain HTML browsers or web crawlers using automatic graceful
degradation or progressive enhancement. Things that are natural and simple
with Wt would require an impractical amount of development effort otherwise:
switching widgets using animations, while retaining clean URLs and browser
navigation functions, or having a persistent chat widget open throughout the
entire application, that even works in legacy browsers like Microsoft Internet
Explorer 6.
The library comes with an application server that acts as a stand-alone
Http(s)/WebSocket server or integrates through FastCGI with other web servers.
Piwigo is a photo gallery software for the web that comes with powerful features
to publish and manage your collection of pictures.
Started in 2002, the project is now supported by an active community of users
and developers. It supports numerous galleries of all sizes all over the world,
from an individual ten-photos party to the images stock of an agency. This
scalability is supported by smart browsing capabilities based on categories,
tags and chronological search. Various extensions make Piwigo even more
scalable and customizable to suit your own needs and desires.
Piwigo is both web and photo standard compliant. And, icing on the cake, it is
free and opensource.
PhpWebGallery became Piwigo on February 15th, 2009.
This is the FreeBSD port of the OpenBSD http server.
mod_macro is a third-party module to the Apache Http Server, distributed with
a BSD-style license like Apache. It allows the definition and use of macros
within apache runtime configuration files. The syntax is a natural extension
to apache html-like configuration style.
CGI::Session::ExpireSessions is a pure Perl module.
It deletes CGI::Session-type sessions which have passed their use-by date.
It works with CGI::Session-type sessions in a database or in disk files,
but does not appear to work with CGI::Session::PureSQL-type sessions.
The recommended way to use this module is via method expire_sessions(),
which requires CGI::Session V 4 or later.
CGI::Struct lets you transform CGI data keys that look like perl data
structures into actual perl data structures.
A storage class for Catalyst Authentication using DBIx::Class
Return a new instance a component on each request