commit 19a1c25901e60e00e9f29b95c47d3693255e6ddf
Author: David Fifield <david(a)bamsoftware.com>
Date: Tue Sep 30 22:15:27 2014 -0700
Add "DOSLogDir /dev/null" to the example Apache configuration.
By default, mod_evasive creates a file in /tmp for every blocked client,
with a name like dos-<IP address>. I didn't know this was going on, and
found 1,659 such files on the facilitator dating back to May 2013. The
contents of each file is just a PID, I think.
This configuration option prevents the creation of such files. Blocked
IP addresses still turn up, however, in the error.log that is not
disabled, in lines that look like
[DATE] [error] [client X.X.X.X] client denied by server configuration: /usr/local/bin/facilitator.cgi
---
facilitator/examples/fp-facilitator.conf.in | 3 +++
1 file changed, 3 insertions(+)
diff --git a/facilitator/examples/fp-facilitator.conf.in b/facilitator/examples/fp-facilitator.conf.in
index f0e3968..bc86251 100644
--- a/facilitator/examples/fp-facilitator.conf.in
+++ b/facilitator/examples/fp-facilitator.conf.in
@@ -27,4 +27,7 @@ MaxClients 256
# requires mod_headers
Header add Strict-Transport-Security "max-age=15768000"
+
+ # Disable creation of dos-* log files in /tmp.
+ DOSLogDir /dev/null
</VirtualHost>