[Modsecurity] Spamming thru forms
Johan Segernäs
johan at sege.nu
Wed Dec 13 03:30:27 EST 2006
Wow, I openend my eyes and found the following:
http://www.securephpwiki.com/index.php/Email_Injection#modsecurity
This solved everything. Hopefully not killing to many customers. =)
Now I will shut up for a while. ;)
- Johan
tis 2006-12-12 klockan 15:35 +0100 skrev Johan Segernäs:
> Can someone build a mod_security rule based on following:
> http://f6design.com/journal/2006/12/09/securing-php-contact-forms/
>
> Maybe?
>
>
> tis 2006-12-12 klockan 09:50 +0100 skrev Johan Segernäs:
> > I have huge problems with people spamming thru our customers forms. Not
> > only to our own customers but they also inject shit load of addresses.
> > Mostly it looks like it's osCommerce contact form but I dont think it's
> > only that one.
> >
> > Anyone have a nice rule against this? Or will it block too many legal
> > forms as well?
> >
> > I'm using latest rules.conf, jitp.conf and rootkits.conf.
> >
> > _______________________________________________
> > Modsecurity mailing list
> > Modsecurity at gotroot.com
> > http://lists.gotroot.com/mailman/listinfo/modsecurity
>
> _______________________________________________
> Modsecurity mailing list
> Modsecurity at gotroot.com
> http://lists.gotroot.com/mailman/listinfo/modsecurity
More information about the Modsecurity
mailing list