Re: [mod-security-users] Wrong post trigger
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Wrong post trigger
|
From: Gerwin K. -|- D. W. <ge...@di...> - 2005-12-16 08:42:12
|
He Justin,
We do install it on a private server (i still not agree on your opinion
though), I rather see php adding a solution for it.
Greetings,
On Friday 16 December 2005 09:33, Justin Grindea wrote:
> Gerwin,
>
> Unless this is a dedicated server in which you have absolute control on the
> scripts, I find these techniques more hurting than adding something...
>
> We are using shared servers here and anything we tried gave false
> positives.
>
> We are hitting the issue from a different pov - installing spam-assassin on
> the gateway and quarantining the suspected spam messages for later review.
> If we find false positives, we instruct the client on how to fix it (mainly
> modify the email text).
> Adding spamhaus/spamcop with a big score in spam-assassin does the trick,
> many spammers are blacklisted or use zombies to send spam which are also
> getting listed fast in the bls.
>
> happy spam fighting,
>
> Justin
>
> Gerwin Krist -|- Digitalus Webhosting wrote:
> > Hey there my fellow list readers. I was testing some new rules (mostly
> > for php email injection rules), for this it was required to have ScanPOST
> > on.
> >
> > I have the following rule:
> > SecFilterSelective ARGS_VALUES
> > "(http:/).+(\.txt|\.jpg|\.dat|\.gif|\.jpeg \.ini|\:[0-9]{1,9})"
> > Which should check for remote locations in server arguments (GET) only
> > right? Well mod_security also triggers it when I put a remote location in
> > an email form. Am I making a thinking error here? Maybe I looked to long
> > to this issue :)
>
> -------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc. Do you grep through log
> files for problems? Stop! Download the new AJAX search engine that makes
> searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
> http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
> _______________________________________________
> mod-security-users mailing list
> mod...@li...
> https://lists.sourceforge.net/lists/listinfo/mod-security-users
--
Met vriendelijke groet/With kind regards,
Gerwin Krist
Digitalus
First-class Internet Webhosting
(w) http://www.digitalus.nl
(e) gerwin at digitalus.nl
(p) PGP-ID: 79B325D4
(t) +31 (0) 598 630000
(f) +31 (0) 598 631860
***************************************************************************************
This message may contain information which is confidential or privileged.
If you are not the intended recipient, please advise the sender immediately
by reply e-mail and delete this message and any attachments without
retaining
a copy.
***************************************************************************************
|
