Re: protecting against exploiting mail forms
Marek Podmaka wrote:
Saturday, November 19, 2005, 19:32:47, Luc Stroobant wrote:
LS> SecFilter "To\:"
LS> SecFilter "to\:"
LS> SecFilter "From\:"
LS> SecFilter "from\:"
LS> SecFilter "Cc\:"
LS> SecFilter "cc\:"
LS> SecFilter "Bcc\:"
LS> SecFilter "bcc\:"
These break a lot of other scripts (including webmail). It matches, for
example, the text "mailto:something" and many others. I have modified it
by prepending "\n" to each of these and for now it seems ok.
Webmail will be a problem with these rules, indeed. In our case, users
are not supposed to host such apps. I guess when somebody tries to post
a mail header on a forum you'll run into trouble with your rules too...
But I had to enable SecFilterScanPOST and it breaks some more
things... Do you know what this error means?
Error: chunked Transfer-Encoding forbidden: /chat/f_upload.php
mod_security-message: Access denied with code 500. ap_setup_client_block failed with 411
Probably this one:
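The following is an editorial example added to this thread page; it is not text or code from either poster or from mod_security itself. It illustrates the point made earlier in the thread: the broad `To:`/`From:`/`Cc:`/`Bcc:` filters fire on ordinary text such as `mailto:`, while the same header names anchored to a line break only fire when a form value actually contains an injected header line. The patterns, the field-decoding helper and the three sample POST bodies are all constructed for this example; the anchored pattern here accepts either CR or LF as the line break, slightly generalizing the `\n` prefix used in the thread, so that a `%0D%0A` sequence is also covered.

```python
import re
from urllib.parse import parse_qs

# Broad form, as quoted in the thread: the header name may appear anywhere in
# the decoded value. One case-insensitive pattern covers the upper/lower pairs.
BROAD = re.compile(r"(to|from|cc|bcc):", re.IGNORECASE)

# Narrowed form: the header name must start a new line. Header injection into
# a mail form needs that line break, so "mailto:" inside a sentence no longer
# matches. This example anchors on CR or LF (the thread prepended "\n").
NARROW = re.compile(r"[\r\n](to|from|cc|bcc):", re.IGNORECASE)


def decode_fields(body: str) -> dict:
    """Decode an application/x-www-form-urlencoded body into field -> value.

    parse_qs turns '+' into spaces and %XX sequences into characters, which is
    the normalized view a filter engine applies its patterns to.
    """
    return {name: values[0] for name, values in parse_qs(body, keep_blank_values=True).items()}


def flagged_fields(body: str, pattern: re.Pattern) -> list:
    """Return the names of form fields whose decoded value matches the pattern."""
    return sorted(name for name, value in decode_fields(body).items() if pattern.search(value))


# Constructed sample POST bodies (not taken from the original thread).
BENIGN = "name=Alice&message=see+mailto:alice@example.com+for+the+agenda"
INJECTED_LF = "name=Alice&email=alice@example.com%0ABcc:someone@example.net"
INJECTED_CRLF = "name=Alice&subject=hello%0D%0ACc:someone@example.net"


if __name__ == "__main__":
    samples = [("benign", BENIGN), ("injected LF", INJECTED_LF), ("injected CRLF", INJECTED_CRLF)]
    for label, body in samples:
        print(f"{label:14} broad={flagged_fields(body, BROAD)} narrow={flagged_fields(body, NARROW)}")
```

Running the block shows the benign body flagged only by the broad pattern (on the `to:` inside `mailto:`), while both injected bodies are flagged by the narrowed pattern as well, which is the false-positive reduction the thread describes.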