Freeze Break Request. Make it so marketing spam does not work.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



commit fb17ed59701ceb8f76d5b400e96c3503091eb9e6
Author: Patrick Uiterwijk <puiterwijk@xxxxxxxxxx>
Date:   Tue Apr 14 21:01:19 2015 +0000

    Actually deny mailman GET subscriptions
    
    The mailman form does POST, and this is a lot of spam bots.
    The mod_rewrite does not work because it is not processed since
    the ScriptAlias directive takes precedense.
    
    Signed-off-by: Patrick Uiterwijk <puiterwijk@xxxxxxxxxx>

diff --git a/modules/mailman/templates/mailman_httpd_config.erb b/modules/mailman/templates/mailman_httpd_config.erb
index 43e5eb3..59a5dc7 100644
--- a/modules/mailman/templates/mailman_httpd_config.erb
+++ b/modules/mailman/templates/mailman_httpd_config.erb
@@ -2,6 +2,13 @@
 #  httpd configuration settings for use with mailman.
 #
 
+<Location /mailman/subscribe>
+    <Limit GET>
+        Order deny,allow
+        Deny from all
+    </Limit>
+</Location>
+
 Alias /mailman/icons /var/www/icons
 ScriptAlias /mailman/ /usr/lib/mailman/cgi-bin/
 <Directory /usr/lib/mailman/cgi-bin/>
@@ -19,13 +26,5 @@ Alias /pipermail/ /var/lib/mailman/archives/public/
     Allow from all
 </Directory>
 
-# redirect queries to /mailman to the listinfo page
-
-
-<IfModule mod_rewrite.c>
-    RewriteEngine on
-    RewriteCond %{REQUEST_METHOD} GET
-    RewriteRule ^/mailman/subscribe/(.*) / [R]
-</IfModule>
 
 RedirectMatch ^/mailman[/]*$ https://<%= mailman_default_url_host %>/mailman/listinfo

--
Stephen J Smoogen.

_______________________________________________
infrastructure mailing list
infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/infrastructure

[Index of Archives]     [Fedora Development]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux