[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] Apache setup for refusing to serve bad keys
From: |
John Zaitseff |
Subject: |
Re: [Sks-devel] Apache setup for refusing to serve bad keys |
Date: |
Tue, 19 Feb 2019 13:14:06 +1100 |
User-agent: |
NeoMutt/20170113 (1.7.2) |
Hi, all,
I previously wrote:
> [...] Here is my version for the Apache server. It allows you to
> include the list of keys in a separate file that can be updated at
> any time without restarting/reloading the server.
I've since revised the Apache configuration file to contain:
RewriteEngine on
RewriteMap badkeys "txt:/etc/sks/apache-badkeys"
RewriteMap lc int:tolower
RewriteCond "%{REQUEST_URI}" "^/pks/lookup"
RewriteCond "%{QUERY_STRING}" "op=(get|index|search|vindex)"
RewriteCond "%{QUERY_STRING}" "search=([^&]+)&?"
RewriteCond "${badkeys:${lc:%1}|ok}" "!=ok"
RewriteRule ^/pks/lookup - [L,G]
Yours truly,
John Zaitseff
--
John Zaitseff ,--_|\ The ZAP Group
Telephone: +61 2 9643 7737 / \ Sydney, Australia
Email: address@hidden \_,--._* https://www.zap.org.au/
v