The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

spam bots

Discussion in 'General Discussion' started by cyanide, Sep 12, 2005.

  1. cyanide

    cyanide Well-Known Member

    Joined:
    Aug 11, 2003
    Messages:
    106
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Toronto, Canada
    Anyone else noticing a surge in form-mail spam? Auto-bots filling out contact forms.
    I know oscommerce has a vulnerability with their form
    Plus other php forms are vulnerable.

    Anyone have a recommendation for a php form that prevents this problem. ?
     
  2. gupi

    gupi Well-Known Member

    Joined:
    Apr 27, 2004
    Messages:
    125
    Likes Received:
    0
    Trophy Points:
    16
    Yes, I've noticed it, but in my case the bots are blocked by mod_security.
     
  3. brianoz

    brianoz Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,146
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    Are you using any special mod_security rules to block the bots, or just the standard rules?
     
  4. gupi

    gupi Well-Known Member

    Joined:
    Apr 27, 2004
    Messages:
    125
    Likes Received:
    0
    Trophy Points:
    16
    I use:
    - standard rules
    - rules from http://modsecrules.monkeydev.org/ - safe ones
    - a special rule for scripts originating from geocities (a lot of them come from there):
    Code:
    # very many scripts come from geocities
    SecFilterSelective THE_REQUEST "geocities"
    
    Hope it helps you.
     
  5. nat

    nat Well-Known Member

    Joined:
    Jan 16, 2003
    Messages:
    204
    Likes Received:
    0
    Trophy Points:
    16
  6. nyjimbo

    nyjimbo Well-Known Member

    Joined:
    Jan 25, 2003
    Messages:
    1,125
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    New York
  7. gupi

    gupi Well-Known Member

    Joined:
    Apr 27, 2004
    Messages:
    125
    Likes Received:
    0
    Trophy Points:
    16
    #7 gupi, Nov 18, 2005
    Last edited: Nov 18, 2005
  8. EMS

    EMS BANNED

    Joined:
    May 10, 2003
    Messages:
    250
    Likes Received:
    0
    Trophy Points:
    0
    Hi,

    I'm using the above ruleset but have an issue with callback to php scripts from our payment provider.

    The following error is produced when worldpay tries to post data back to our server...


    406 Not Acceptable

    An appropriate representation of the requested resource /worldpay.php could not be found on this server.


    Can anyone tell me which rule is preventing the callback ?
     
  9. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    You need to check the mod_security log file to identify which filter is being tripped. Usually it's in /usr/local/apache/logs/audit_log
     
  10. EMS

    EMS BANNED

    Joined:
    May 10, 2003
    Messages:
    250
    Likes Received:
    0
    Trophy Points:
    0
    Thanks chirpy, ive done a lot of research into this since and ive got all the rules sorted now. Ive switched to the rulesets at gotroot and made some changes - its working great.
     
Loading...

Share This Page