pegasus/unrealircd
1
0
Fork 0
mirror of https://github.com/unrealircd/unrealircd.git synced 2026-06-24 10:16:37 +02:00
Code Activity
Files
ab50bf2afc008da48f6b94de21bf223cd23ca4d8
unrealircd/doc/conf/modules.optional.conf
T
Bram Matthys bb0530f694 In the authprompt documentation point the user to (possibly) tweaking 
the set::handshake-timeout setting as well.
2018-12-21 13:24:25 +01:00

200 lines
7.4 KiB
Plaintext
Raw Blame History

/* This file will load all optional modules. These are features that
* not everyone will use or are considered experimental.
* You can include this file from your unrealircd.conf like this:
* include "modules.optional.conf";
* OR... and this is probably a better idea... you can copy-paste it
* to another file where you do your own customizations.
*
* DO NOT EDIT THIS FILE! IT WILL BE OVERWRITTEN DURING NEXT UPGRADE!!
* If you want to customize, make a copy of this file (for example
* name it modules.custom.conf) and edit it.
* Then include that file from your unrealircd.conf instead of this one.
*/
/*** Commands ***/
// This add the /IRCOPS command: A more visual way for users
// to see which IRCOps are online.
loadmodule "m_ircops";
// This adds the /STAFF command: This command simply displays
// a text file that you can configure here:
loadmodule "m_staff";
set { staff-file "network.staff"; };
/*** Channel modes ***/
// The following module ('nocodes') is not a true channel mode.
// It simply enhances the existing channel mode +S/+c to include
// stripping/blocking of bold, underline and italic text.
loadmodule "nocodes";
/*** Other ***/
// The hideserver module will hide /MAP and /LINKS to regular users.
// It does not truly enhance security as server names can still be
// seen at other places.
loadmodule "hideserver";
// The antirandom module will kill or *line users that have a nick,
// ident and/or realname that is considered "random".
// This helps to combat simple botnets/drones.
// Note that failure to set the right settings may ban innocent users.
// This is especially true if you are on a non-English network where
// the module may consider a sequence of characters "random" even though
// it is a perfectly pronounceable word in your language.
loadmodule "antirandom";
set {
antirandom {
/* THRESHOLD:
* This is pretty much the most important setting of all.
* For every randomly looking ident the user gets a certain amount of
* 'points', if this value reaches 'threshold' then the appropriate
* action is taken (killed, *lined, see later on).
* lower = more randomly looking users will be catched (but also more
* innocent users)
* higher = less chance of innocent users getting killed, but also less
* chance on bots getting catched.
* <2: DON'T!!
* 4: Works good, probably a few more innocent kills but if you got
* quite a bot problem then this might be a useful setting.
* 5: Works well with few innocent kills, probably good to begin with.
* 6: If you want to be a tad more careful
* >6: For the paranoid. Module can still be quite effective, though :)
*/
threshold 7;
/* BAN-ACTION:
* Action to take whenever the user is catched as random, options:
* warn, kill, gline, gzline, kline, zline, shun, tempshun
*/
ban-action kill;
/* BAN-TIME:
* Time to ban the user (irrelevant for tempshun/kill).
* Something between 1 hour and 2 days is recommended.
* If you set it higher than 3 or 4 days then you get quite a risk
* of catching innocent users due to dynamic IP, not to mention
* your *line list gets filled up... so choose it wisely.
*/
ban-time 4h;
/* BAN-REASON:
* The ban (or kill) reason to use.
* You might want to put in an entry to a FAQ or an email address
* where users can mail if they have been catched and don't know what to do.
* NOTE: One of the various reasons that ""innocent users"" are catched is
* if they just randomly type in info for their nick, ident, or realname.
*/
ban-reason "You look like a bot. Be sure to fill in your nick/ident/realname properly.";
/* CONVERT-TO-LOWERCASE:
* Convert nicks, idents, and realnames to lowercase before doing random checks?
* This has not been tested extensively for false positives, but might be (very)
* helpful to catch GnStA5FYhiTH51TUkf style random nicks as random.
* Enabled by default.
*/
convert-to-lowercase yes;
/* FULLSTATUS-ON-LOAD:
* If enabled, then upon loading it will check all users that are currently
* connected and give a status report about who it would have killed.
* Note that it doesn't actually kill any currently connected users, it is for
* informative purposes only.
* This can be (very) useful if you use the module for the first time.
* But you probably want to disable it after a while, since once the module
* is actively dealing with randomly looking persons, it shouldn't report any
* users anymore on load and then this check only eats useless CPU on /REHASH.
* Enabled by default.
*/
fullstatus-on-load yes;
/* SHOW-FAILEDCONNECTS:
* This will send out a notice whenever a randomly looking user has been catched
* during connecting. Obviously this can be pretty noisy.
* Especially recommended to enable during the first few days you use this module.
*/
show-failedconnects yes;
/* EXCEPT-HOSTS:
* Hostmasks on this list are matched against the IP and hostname of the connecting
* user. If it matches then we do not check if the nick/ident/realname is random.
* NOTE: Use the REAL host or IP here, not any cloaked hosts!
*/
except-hosts {
mask 192.168.*;
mask 127.*;
};
/* EXCEPT-WEBIRC:
* This will make antirandom not check connections from WEBIRC gateways.
* ( see https://www.unrealircd.org/docs/WebIRC_block )
* It seems WEBIRC connections frequently cause false positives so the
* default is 'yes'.
*/
except-webirc yes;
};
};
// This adds websocket support. For more information, see:
// https://www.unrealircd.org/docs/WebSocket_support
loadmodule "websocket";
// This adds support for WHOX
// This is currently experimental!
loadmodule "m_whox";
// This module will detect and stop spam containing of characters of
// mixed "scripts", where (for example) some characters are in
// Latin script and other characters are in Cyrillic script.
loadmodule "antimixedutf8";
set {
antimixedutf8 {
/* Take action at this 'score'.
* 10 is a good and safe default.
*/
score 10;
/* Action to take, see:
* https://www.unrealircd.org/docs/Actions
*/
ban-action block;
/* Block/kill/ban reason (sent to user) */
ban-reason "Possible mixed character spam";
/* Duration of ban (does not apply to block/kill) */
ban-time 4h; // For other types
};
};
// This provides an authentication prompt if a user is forced to
// authenticate due to a 'require authentication' block or for
// some other reason. It tells them to use SASL or type /AUTH user:pass
// See also the following article for more general information:
// https://www.unrealircd.org/docs/Authentication
// NOTE: This feature is currently experimental.
loadmodule "authprompt";
set {
authentication-prompt {
/* Enabled or not? */
enabled yes;
message "The server requires clients from this IP address to authenticate with a registered nickname and password.";
message "Please reconnect using SASL, or authenticate now by typing: /QUOTE AUTH nick:password";
/* As you can see you can have multiple 'message' items.
* It may be useful to refer to a webpage for more
* information and/or where users can register their nick.
*/
//fail-message "Authentication failed";
/* Multiple fail-message lines are also supported */
};
};
// If you use the authprompt module then you may want to raise the
// timeout in which users must complete the handshake.
// By uncommenting the following, you can raise it from 30 to 60 seconds:
// set { handshake-timeout 60s; };
View Git Blame Copy Permalink