BCC/php spam email and a fix

eth00 writes: So I am sure if you are running a cPanel server you are having the exact same trouble as we have been having the last week, lots of spam! It appears there is somebody in this world that has decided to write a rather efficient script that searches for webforms then sends spam via php and bcc.


The first quick fix was to enable safe_mode but that obviouslly gets a fair amount of webhosting clients pretty bad. I have been working with mod_security and come up with a pretty simple rule that should help:




SecFilterSelective
THE_REQUEST “bcc:|Bcc:|BCc:|BCC:|bCc:|bCC:|bcC:|BcC:”

What that will do is search first for the bcc, Bcc, etc then look for com, org, or net in a url. I was trying to filter it looking for an @ symbol but I was having trouble with apache picking it up. I figure if they are not spamming to one of those TDLs it is probably not a very big attack. If you want to protect more simply add to the list, remember all it has to do is catch one and it blocks the entire request.

Enjoy 🙂

http://www.eth0.us/node/70

Facebook Comments

More Stuff

Get Codebender IDE Editor: Lifetime Subscription by Ravi Saive | Published: November 1, 2017 | November 1, 2017Arduino is a popular, open-source electronics platform based on easily operated hardw...
What Happens When Facebook Mistakenly Blocks Local News Stories In July, Danielle Bostick joined a nationwide movement against sexual violence on school campuses when she made a Facebook page for her daughter. “Jus...
How to Backup Your Files to Amazon S3 Using CloudBerry Backup on L... Amazon Simple Storage Service (S3) allows modern businesses to store their data, collect it from a wide variety of sources, and easily analyze it from...
How to Change and Secure Default PhpMyAdmin Login URL By default, the login page of phpmyadmin is located at http:///phpmyadmin. The first thing that you will want to do is changing that...
Spread the love