Expand banned_users; it can now include PageSpecs, which allows banning by IP address.
parent
064b507c53
commit
55474f44d9
|
@ -252,16 +252,30 @@ sub check_banned ($$) {
|
||||||
my $q=shift;
|
my $q=shift;
|
||||||
my $session=shift;
|
my $session=shift;
|
||||||
|
|
||||||
|
my $banned=0;
|
||||||
my $name=$session->param("name");
|
my $name=$session->param("name");
|
||||||
if (defined $name) {
|
if (defined $name &&
|
||||||
if (grep { $name eq $_ } @{$config{banned_users}}) {
|
grep { $name eq $_ } @{$config{banned_users}}) {
|
||||||
$session->delete();
|
$banned=1;
|
||||||
cgi_savesession($session);
|
}
|
||||||
cgi_custom_failure(
|
|
||||||
$q->header(-status => "403 Forbidden"),
|
foreach my $b (@{$config{banned_users}}) {
|
||||||
gettext("You are banned."));
|
if (pagespec_match("", $b,
|
||||||
|
ip => $ENV{REMOTE_ADDR},
|
||||||
|
name => defined $name ? $name : "",
|
||||||
|
)) {
|
||||||
|
$banned=1;
|
||||||
|
last;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ($banned) {
|
||||||
|
$session->delete();
|
||||||
|
cgi_savesession($session);
|
||||||
|
cgi_custom_failure(
|
||||||
|
$q->header(-status => "403 Forbidden"),
|
||||||
|
gettext("You are banned."));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
sub cgi_getsession ($) {
|
sub cgi_getsession ($) {
|
||||||
|
|
|
@ -2,6 +2,8 @@ ikiwiki (3.14159265) UNRELEASED; urgency=low
|
||||||
|
|
||||||
* Add French basewiki translation from the Debian French l10n team,
|
* Add French basewiki translation from the Debian French l10n team,
|
||||||
including Philippe Batailler, Alexandre Dupas, and Steve Petruzzello.
|
including Philippe Batailler, Alexandre Dupas, and Steve Petruzzello.
|
||||||
|
* Expand banned_users; it can now include PageSpecs, which
|
||||||
|
allows banning by IP address.
|
||||||
|
|
||||||
-- Joey Hess <joeyh@debian.org> Wed, 02 Sep 2009 15:01:27 -0400
|
-- Joey Hess <joeyh@debian.org> Wed, 02 Sep 2009 15:01:27 -0400
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,10 @@
|
||||||
Banned users can be configured in the setup file.
|
Banned users can be configured in the setup file via the `banned_users`
|
||||||
|
setting. This is a list of user names, or [[PageSpecs|ikiwiki/PageSpec]]
|
||||||
|
to ban. Using a PageSpec is useful to block an IP address.
|
||||||
|
|
||||||
|
For example:
|
||||||
|
|
||||||
|
banned_users => ['evilspammer', 'ip(192.168.1.1)'],
|
||||||
|
|
||||||
If a banned user attempts to use the ikiwiki CGI, they will receive a 403
|
If a banned user attempts to use the ikiwiki CGI, they will receive a 403
|
||||||
Forbidden webpage indicating they are banned.
|
Forbidden webpage indicating they are banned.
|
||||||
|
|
|
@ -2,3 +2,6 @@ Admins need the ability to block IP ranges. They can already ban users.
|
||||||
|
|
||||||
See [[fileupload]] for a propsal that grew to encompass the potential to do
|
See [[fileupload]] for a propsal that grew to encompass the potential to do
|
||||||
this.
|
this.
|
||||||
|
|
||||||
|
[[done]] (well, there is no pagespec for IP ranges yet, but we can block
|
||||||
|
individual IPs)
|
||||||
|
|
Loading…
Reference in New Issue