Expand banned_users; it can now include PageSpecs, which allows banning by IP address.
Joey Hess
parent
064b507c53
commit
55474f44d9
|
|
@ -252,16 +252,30 @@ sub check_banned ($$) {
|
|||
my $q=shift;
|
||||
my $session=shift;
|
||||
|
||||
my $banned=0;
|
||||
my $name=$session->param("name");
|
||||
if (defined $name) {
|
||||
if (grep { $name eq $_ } @{$config{banned_users}}) {
|
||||
$session->delete();
|
||||
cgi_savesession($session);
|
||||
cgi_custom_failure(
|
||||
$q->header(-status => "403 Forbidden"),
|
||||
gettext("You are banned."));
|
||||
if (defined $name &&
|
||||
grep { $name eq $_ } @{$config{banned_users}}) {
|
||||
$banned=1;
|
||||
}
|
||||
|
||||
foreach my $b (@{$config{banned_users}}) {
|
||||
if (pagespec_match("", $b,
|
||||
ip => $ENV{REMOTE_ADDR},
|
||||
name => defined $name ? $name : "",
|
||||
)) {
|
||||
$banned=1;
|
||||
last;
|
||||
}
|
||||
}
|
||||
|
||||
if ($banned) {
|
||||
$session->delete();
|
||||
cgi_savesession($session);
|
||||
cgi_custom_failure(
|
||||
$q->header(-status => "403 Forbidden"),
|
||||
gettext("You are banned."));
|
||||
}
|
||||
}
|
||||
|
||||
sub cgi_getsession ($) {
|
||||
|
|
|
|||
|
|
@ -2,6 +2,8 @@ ikiwiki (3.14159265) UNRELEASED; urgency=low
|
|||
|
||||
* Add French basewiki translation from the Debian French l10n team,
|
||||
including Philippe Batailler, Alexandre Dupas, and Steve Petruzzello.
|
||||
* Expand banned_users; it can now include PageSpecs, which
|
||||
allows banning by IP address.
|
||||
|
||||
-- Joey Hess <joeyh@debian.org> Wed, 02 Sep 2009 15:01:27 -0400
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,10 @@
|
|||
Banned users can be configured in the setup file.
|
||||
Banned users can be configured in the setup file via the `banned_users`
|
||||
setting. This is a list of user names, or [[PageSpecs|ikiwiki/PageSpec]]
|
||||
to ban. Using a PageSpec is useful to block an IP address.
|
||||
|
||||
For example:
|
||||
|
||||
banned_users => ['evilspammer', 'ip(192.168.1.1)'],
|
||||
|
||||
If a banned user attempts to use the ikiwiki CGI, they will receive a 403
|
||||
Forbidden webpage indicating they are banned.
|
||||
|
|
|
|||
|
|
@ -2,3 +2,6 @@ Admins need the ability to block IP ranges. They can already ban users.
|
|||
|
||||
See [[fileupload]] for a propsal that grew to encompass the potential to do
|
||||
this.
|
||||
|
||||
[[done]] (well, there is no pagespec for IP ranges yet, but we can block
|
||||
individual IPs)
|
||||
|
|
|
|||
Loading…
Reference in New Issue