rules/rbl_lookup.conf

   1 <IfModule mod_security2.c>
   2
   3         # Defines the path to the geographical database file.
   4         #
   5         SecGeoLookupDb /usr/share/GeoIP/GeoIP.dat
   6         #SecGeoLookupDb /usr/share/GeoIP/GeoLiteCity.dat
   7
   8         # Skip RBL lookup for localhost.
   9         #
  10         SecRule REMOTE_ADDR "^127\.0\.0\.1$" "phase:2,pass,nolog,t:none,skip:2"
  11
  12         # GeoLookup - skip RBL lookup for HR address.
  13         #
  14         SecRule REMOTE_ADDR "@geoLookup" "phase:2,chain,pass,nolog,t:none,skip:1"
  15         SecRule GEO:COUNTRY_CODE "^HR$" "t:none"
  16
  17         # RBL lookup using xbl.dnsbl-sh.carnet.hr.
  18         #
  19         SecRule REMOTE_ADDR "@rbl xbl.dnsbl-sh.carnet.hr" "phase:2,log,deny,status:500,t:none,msg:'RBL: xbl.dnsbl-sh.carnet.hr',severity:'1'"
  20
  21 </IfModule>