Name

LockoutCommand — specify command to run in order to lock a client out of the site

SYNOPSIS

command

DESCRIPTION

The directive specifies the command (as it would be entered from the shell) that will somehow prevent the remote IP from accessing the Interchange catalog, or the whole system.

The IP address will be substituted for the first occurrence of the string %s (which might remind you of printf format specifiers). The command will be executed under the Interchange user ID, so you'll have to fine-tune the system privileges, or use sudo-like tools.

DIRECTIVE TYPE AND DEFAULT VALUE

Global directive

EXAMPLES

Example: Preventing access to the system with ipfwadm

Put the following in interchange.cfg:

LockoutCommand ipfwadm -I -i deny -S %s

Note that the ipfwadm filtering system was used in Linux 2.0.* kernels, and is now largely obsolete.


NOTES

A script could be written which would modify the appropriate access control files, such as .htaccess (Web server-level) or /etc/hosts.deny (TCP Wrappers-level), to do another level of lockout.

Even a simple command line along the lines of perl -0777 -npi -e 's/deny/deny from %s\ndeny/' /path/to/cgi-bin/.htaccess would work as well.

AVAILABILITY

LockoutCommand is available in Interchange versions:

4.6.0-5.9.0 (git-head)

SOURCE

Interchange 5.9.0:

Source: lib/Vend/Config.pm
Line 494

['LockoutCommand',    undef,             ''],

AUTHORS

Interchange Development Group

SEE ALSO

CreditCardAuto(7ic), DomainTail(7ic), DNSBL(7ic), RobotLimit(7ic), OrderLineLimit(7ic)

DocBook! Interchange!