sks-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] Apache setup for refusing to serve bad keys

From: John Zaitseff
Subject: Re: [Sks-devel] Apache setup for refusing to serve bad keys
Date: Tue, 19 Feb 2019 13:14:06 +1100
User-agent: NeoMutt/20170113 (1.7.2) 
Hi, all,

I previously wrote:

> [...] Here is my version for the Apache server.  It allows you to
> include the list of keys in a separate file that can be updated at
> any time without restarting/reloading the server.

I've since revised the Apache configuration file to contain:

  RewriteEngine on

  RewriteMap  badkeys     "txt:/etc/sks/apache-badkeys"
  RewriteMap  lc          int:tolower

  RewriteCond "%{REQUEST_URI}"            "^/pks/lookup"
  RewriteCond "%{QUERY_STRING}"           "op=(get|index|search|vindex)"
  RewriteCond "%{QUERY_STRING}"           "search=([^&]+)&?"
  RewriteCond "${badkeys:${lc:%1}|ok}"    "!=ok"
  RewriteRule ^/pks/lookup                - [L,G]

Yours truly,

John Zaitseff

--
John Zaitseff                   ,--_|\    The ZAP Group
Telephone: +61 2 9643 7737     /      \   Sydney, Australia
Email: address@hidden   \_,--._*   https://www.zap.org.au/
                                     v
reply via email to
[Prev in Thread] Current Thread [Next in Thread]