Re: [mod-security-users] How do I block mail attempts?
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] How do I block mail attempts?
|
From: Ivan R. <iv...@we...> - 2005-01-30 22:42:50
|
> I am talking about HTTP POST/PUT relaying, which can be exploited
> by encoding SMTP requests into HTTP POST data (or a PUT request
> in the same format). Example:
I am guessing you have a reason for running a proxy on
that web server?
Try this (Apache 2.x syntax):
<Proxy *>
RewriteEngine On
# Do not allow proxy requests to target port 25 (SMTP)
RewriteRule "^proxy:[a-z]*://[^/]*:25(/|$)" "-" [F,NC,L]
</Proxy>
It is probably possible to do something with mod_security too
but I don't have time at the moment to verify it. On the other
hand I know the solution above works
--
Ivan Ristic (http://www.modsecurity.org)
|
