[Modsecurity] Formmail
Michael S.
admin at thenamegame.com
Wed Apr 5 14:17:52 EDT 2006
You should be so fortunate that those rules exist! We don't allow formmail
on any of our 220 servers so those rules are a god send. If you're into
spammers and having your server shutdown for outbound spam, by all means
remove them. I could never understand in a million years why there are so
many server admins who are so blind to issue that formmail creates, doesn't
matter how recent the version, it's always vuln! I guess there are some
server admins who don't know any better. A big of education would be in
order.
Good day.
-----Original Message-----
From: modsecurity-bounces at gotroot.com
[mailto:modsecurity-bounces at gotroot.com] On Behalf Of Mike Cardwell
Sent: Wednesday, April 05, 2006 11:17 AM
To: modsecurity at gotroot.com
Subject: [Modsecurity] Formmail
I don't get why these rules exist in jitp.conf:
SecFilterSelective THE_REQUEST "GET .*/formmail\.pl
HTTP\/(0\.9|1\.0|1\.1)$"
SecFilterSelective THE_REQUEST "HEAD .*/formmail\.pl
HTTP\/(0\.9|1\.0|1\.1)$"
SecFilterSelective THE_REQUEST "POST .*/formmail\.pl
HTTP\/(0\.9|1\.0|1\.1)$"
They're basically blocking all formmail requests... The POST one is
particularly bad.
Mike
--
Digital photo printing: http://www.fotoserve.com/
_______________________________________________
Modsecurity mailing list
Modsecurity at gotroot.com
http://lists.gotroot.com/mailman/listinfo/modsecurity
More information about the Modsecurity
mailing list