[Modsecurity] Spamming thru forms
Michael Shinn
mike at gotroot.com
Wed Dec 13 13:35:41 EST 2006

There is already a rule for this in the blacklist.conf file. That file
may be too intense for some systems, but let me know if those rules work
for you to stop spam. I'm working on a lighter-weight set of rules for
antispam, minus the actual spam blacklist itself.

On Wed, 2006-12-13 at 09:30 +0100, Johan Segernäs wrote:
> Wow, I opened my eyes and found the following:
> http://www.securephpwiki.com/index.php/Email_Injection#modsecurity
>
> This solved everything. Hopefully not killing too many customers. =)
>
>
> Now I will shut up for a while. ;)
>
> - Johan
>
> On Tue, 2006-12-12 at 15:35 +0100, Johan Segernäs wrote:
> > Can someone build a mod_security rule based on following:
> > http://f6design.com/journal/2006/12/09/securing-php-contact-forms/
> >
> > Maybe?
> >
> >
> > On Tue, 2006-12-12 at 09:50 +0100, Johan Segernäs wrote:
> > > I have huge problems with people spamming thru our customers' forms. Not
> > > only to our own customers but they also inject a shitload of addresses.
> > > Mostly it looks like it's the osCommerce contact form but I don't think it's
> > > only that one.
> > >
> > > Anyone have a nice rule against this? Or will it block too many legal
> > > forms as well?
> > >
> > > I'm using latest rules.conf, jitp.conf and rootkits.conf.
> > >
> > > _______________________________________________
> > > Modsecurity mailing list
> > > Modsecurity at gotroot.com
> > > http://lists.gotroot.com/mailman/listinfo/modsecurity
--
Michael T. Shinn KeyID:0xDAE2EC86
Key Fingerprint: 1884 E657 A6DF DF1B BFB9 E2C5 DCC6 5297 DAE2 EC86
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xDAE2EC86
Got Root? http://www.gotroot.com
modsecurity rules: http://www.modsecurityrules.com
Troubleshooting Firewalls: http://troubleshootingfirewalls.com
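
An added example, not part of the original thread and not taken from the gotroot rule files: the check a rule against form-based email injection has to make, written in Python so it can be run over request parameters. The field names, the header list and the sample submissions are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Mail header names that matter when form input is copied into mail headers.
HEADER_NAMES = (r"(?:to|cc|bcc|from|reply-to|subject|content-type|"
                r"mime-version|content-transfer-encoding)")

# A line break followed by "<header-name>:" marks an injected header.
INJECTED_HEADER = re.compile(r"[\r\n]\s*" + HEADER_NAMES + r"\s*:", re.IGNORECASE)
ANY_LINE_BREAK = re.compile(r"[\r\n]")

# Assumption: fields the form places into mail headers, so they must be one line.
HEADER_BOUND_FIELDS = {"name", "email", "subject"}


def normalize(value):
    """URL-decode up to three times so %0d%0a or %250a cannot hide a line break."""
    for _ in range(3):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def check_form(params):
    """Return (field, reason) findings for one submitted form."""
    findings = []
    for field, raw in params.items():
        value = normalize(raw)
        if field.lower() in HEADER_BOUND_FIELDS:
            # Strict: a header-bound field never legitimately contains CR or LF.
            if ANY_LINE_BREAK.search(value):
                findings.append((field, "line break in header-bound field"))
        elif INJECTED_HEADER.search(value):
            # Looser: multi-line text is allowed, header-looking lines are not.
            findings.append((field, "line break followed by mail header"))
    return findings


# Constructed sample submissions (raw parameter values as received).
SAMPLES = {
    "legit": {"name": "Anna", "email": "anna@example.com",
              "message": "Hi,\r\nwhere is my order?"},
    "injected": {"name": "x", "message": "hi",
                 "email": "x@example.com%0d%0aBcc: a@example.net, b@example.net"},
    "body_header": {"name": "y", "email": "y@example.com",
                    "message": "text\nContent-Type: text/html"},
}
```

A message line that legitimately begins with "To:" or "Subject:" also trips the looser check, which is the false-positive cost asked about in the thread; the strict check is only safe on fields known to be single-line.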