
Hacking Contact Forms

flyte

He has: 3 posts

Joined: Sep 2005

Thanks to the good people at AOL, I've discovered that some hackers are abusing the contact forms hosted at our site and subhosted clients.

As I've done a little reading, it appears that some hackers just look for popular forms by name, i.e., contact.pl, formmail.cgi, etc.

Would changing the names of these forms to something tough to guess (at least by a mindless computer) be a good defense against the average hacker?

I.e., clientnamecontact.pl, instead of just contact.pl?

Thanks in advance for any ideas...

Greg K
Moderator

He has: 1,667 posts

Joined: Nov 2003

Change not only the name of the program as you asked, but also change any "Standard" form field names.

There was a similar thread not too long ago on this topic. If I can find it, I'll edit this and post it.

-Greg

[This space intentionally left blank]

Cool Geek Supplies: www.ThinkGeek.com

They have: 35 posts

Joined: Jun 2004

Mr. Geek of the Week is partially right: you should change any standard names of the fields, like email or name. But the bots are also getting smarter: not knowing which text field is which, they enter raw headers in all of them.
I don't know Perl, but in PHP you can do something like this to parse all the POST data for unwanted headers:

// Scan every POSTed value for header-like content before the mail is built.
foreach ($_POST as $post_data) {
    // eregi() is deprecated and takes no pattern delimiters; preg_match() with
    // the /i flag is the case-insensitive equivalent.
    if (is_string($post_data) && preg_match('/content-type|mime-type/i', $post_data)) {
        // unwanted headers
        die("Da-te-n gatu` ma-tii"); // well... something "nice" for the bot :)
    }
}
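The two pieces of advice in this thread (non-standard field names from Greg K, and scanning submitted values for injected headers from the post above) combined into one PHP form handler. This is an added example, not code from any poster; the `acme_*` field names, the recipient address and the sample submissions are made-up placeholders. The decisive check is the one for CR/LF in header-bound fields, since a line break is what lets a bot append `Bcc:` or a second `Content-Type:` to the message the form sends.

```php
<?php
// Added example (not the original poster's code): a contact-form handler that
// rejects e-mail header injection. Field names are deliberately non-standard
// and every header-bound value is checked before mail() would be called.
// The acme_* names and RECIPIENT are placeholders chosen for this example.

declare(strict_types=1);

const RECIPIENT = 'webmaster@example.com'; // placeholder address

// Header-bound inputs (From, Reply-To, Subject) must be a single line: a CR or
// LF lets the sender append extra headers such as Bcc:. This is the core check.
function hasLineBreak(string $value): bool
{
    return preg_match('/[\r\n]/', $value) === 1;
}

// A header name at the start of any line is a strong sign of a bot probing the
// form. This widens the content-type|mime-type check from the post above but
// stays with header names that never legitimately start a line in a message.
function looksLikeHeaderInjection(string $value): bool
{
    return preg_match('/^\s*(?:content-type|mime-version|bcc|cc)\s*:/im', $value) === 1;
}

/**
 * Validate the submitted form. Returns an array of error strings; empty = OK.
 */
function validateContactForm(array $post): array
{
    $errors = [];
    // Non-standard field names: bots that fill "email" or "name" hit nothing here.
    $singleLine = ['acme_sender_name', 'acme_reply_addr', 'acme_subject'];

    foreach ($singleLine as $field) {
        $value = (string)($post[$field] ?? '');
        if ($value === '' || hasLineBreak($value)) {
            $errors[] = "$field is missing or contains a line break";
        }
    }

    $reply = (string)($post['acme_reply_addr'] ?? '');
    if (filter_var($reply, FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'acme_reply_addr is not a valid e-mail address';
    }

    // Scan every field, the free-text message included, for injected headers.
    foreach ($post as $field => $value) {
        if (is_string($value) && looksLikeHeaderInjection($value)) {
            $errors[] = "$field contains an e-mail header";
        }
    }
    return $errors;
}

// Constructed inputs: one normal submission and one bot-style probe.
$good = [
    'acme_sender_name' => 'Jane Doe',
    'acme_reply_addr'  => 'jane@example.org',
    'acme_subject'     => 'Question about hosting',
    'acme_message'     => "Hello,\nDo you offer Perl hosting?",
];
$bad = $good;
$bad['acme_subject'] = "Hi\r\nBcc: someone@example.net\r\nContent-Type: text/html";

var_dump(validateContactForm($good)); // expected: empty array
var_dump(validateContactForm($bad));  // expected: line-break and header errors

if (validateContactForm($good) === []) {
    // Only validated, single-line values ever reach the header block.
    $headers = 'From: ' . $good['acme_reply_addr'] . "\r\n"
             . 'Reply-To: ' . $good['acme_reply_addr'];
    // mail(RECIPIENT, $good['acme_subject'], $good['acme_message'], $headers);
}
```

Renaming fields only raises the cost of an untargeted probe; the line-break and header-name checks are what actually stop a crafted submission from turning the form into a relay, so the two belong together.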
