The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to ban a certain filename from the system?

Discussion in 'General Discussion' started by cretu, May 20, 2004.

  1. cretu

    cretu Well-Known Member

    Joined:
    Jul 21, 2002
    Messages:
    208
    Likes Received:
    0
    Trophy Points:
    16
    Hi All,

    This might sound like a stupid question, but, hear me out.

    We have a spammer, using different IP addresses each time he signs up for the plan, so he's submission looks legimite and we after he initiates "Spam script" from our servers, blocking his IP does not help at all.

    Anyway, he's always using same method to spam: he FTPs Perl script called "pvdmail.pl", in the same folder and runs it against flat database file. Of course, we have limit of e-mail sent set in WHM and SIM notification when load goes up, but when we turn attention to load and account spamming, he's usually able to send anywhere from 150 to 250 messages.

    Here's my questions, is there a trick.hack.method to stop/ban certain file name from even running? IN this case it would be "pvdmail.pl". This might save us lots of trouble (well, until, he renames the script).

    Please let me know.

    I appreciate it!

    Cretu
     
  2. noimad1

    noimad1 Well-Known Member

    Joined:
    Mar 27, 2003
    Messages:
    627
    Likes Received:
    0
    Trophy Points:
    16
    Where you able to figure this one out?
     
  3. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
  4. noimad1

    noimad1 Well-Known Member

    Joined:
    Mar 27, 2003
    Messages:
    627
    Likes Received:
    0
    Trophy Points:
    16
    Yea...I use pure-ftp....

    I have a problem with one specific customer and a file of his....I know he could re-name the file, but I am testing him out on something. It's kind of a long story....
     
  5. Damian

    Damian Well-Known Member

    Joined:
    Oct 1, 2001
    Messages:
    95
    Likes Received:
    1
    Trophy Points:
    8
    Adding the following to the top of your httpd.conf file should stop the file from doing anything useful.

    RedirectMatch ^.*\pvdmail\.cgi > /dev/null

    Remember to restart Apache after adding the line.

    You may also want to add others, to cater for any variants that he chooses to use. e.g.

    RedirectMatch ^.*\pvdmail\.pl > /dev/null
    RedirectMatch ^.*\Pvdmail\.* > /dev/null
    RedirectMatch ^.*\PVDMAIL\.* > /dev/null
    etc....
     
  6. noimad1

    noimad1 Well-Known Member

    Joined:
    Mar 27, 2003
    Messages:
    627
    Likes Received:
    0
    Trophy Points:
    16
    Thanks, I will give that a try...BTW, cool name.

    Regards,
    Damion
     
Loading...

Share This Page