Magpie [example script] being used for spamming!!
Status: Beta
Brought to you by:
kellan
Menu
▾
▴
#5 Magpie [example script] being used for spamming!!
I use magpie 0.4 on my website for a BBC news feed -
its been really great! BUT... It's been brought to my
attention that magpie has been hijacked as part of an
ebay scam. Here's a sample entry in my access logs:
*.*.*.* - - [09/Jul/2003:04:34:46 +0100] "GET
/magpierss-0.4/scripts/smarty_plugin/thanks.htm?ebay.com?send=DATA=SabuKatVpl37b2oajbszrQTbuKatVpl37b2oajbszrQTGVnCTmsPv&a=18987978%20buKatVpl37b2oajbszrQTGVnCTmsPv&a=18987978%20GVnCTmsPv&a=18987978%20szrQTGVnCTms
HTTP/1.1" 200 4026
"http://www.webhostgb.com/ianstest/aw/sec.htm?ebay.com/aw-cgi/eBayISAPI.dll?SignIn&pUserId=sdfsdf&co_partnerId=2&siteid=0&pageType=-1&errmsg=8&pa1=&i1=-1DATA=SabuKatVpl37b$$jbabuKatVpl37b2ol37b2oaabuKatVpl37b2oaszrQTGVnCTmsPv&a/20%25&UsingSSL=0&bshowgif=0"
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;
Q312461; Roadrunner)"
anyway.. here's my access log for you guys to pour
over. If I can spot an obvious fix I'll post it.
UPDATE: I've moved the offending html files in the
smarty directory to a subdir and that doesnt seem to
impede the RSS fetch. Hopefully this should resolve the
issue.
apache access log
Logged In: YES
user_id=22657
The scripts are examples of how to use the code and are not
meant to be used in production. Nor will removing them
effect the functionality of your site in any way.