Re: Freeze Break Request. Make it so marketing spam does not work.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

+1, easy revert if it goes wrong.

-Ricky

On 04/14/2015 06:49 PM, Patrick Uiterwijk wrote:
> 
> 
> With kind regards,
> Patrick Uiterwijk
> Fedora Infra
> 
> ----- Original Message -----
>> commit fb17ed59701ceb8f76d5b400e96c3503091eb9e6
>> Author: Patrick Uiterwijk <puiterwijk@xxxxxxxxxx>
>> Date:   Tue Apr 14 21:01:19 2015 +0000
>>
>>     Actually deny mailman GET subscriptions
>>
>>     The mailman form does POST, and this is a lot of spam bots.
>>     The mod_rewrite does not work because it is not processed since
>>     the ScriptAlias directive takes precedense.
>>
>>     Signed-off-by: Patrick Uiterwijk <puiterwijk@xxxxxxxxxx>
>>
>> diff --git a/modules/mailman/templates/mailman_httpd_config.erb
>> b/modules/mailman/templates/mailman_httpd_config.erb
>> index 43e5eb3..59a5dc7 100644
>> --- a/modules/mailman/templates/mailman_httpd_config.erb
>> +++ b/modules/mailman/templates/mailman_httpd_config.erb
>> @@ -2,6 +2,13 @@
>>  #  httpd configuration settings for use with mailman.
>>  #
>>
>> +<Location /mailman/subscribe>
>> +    <Limit GET>
>> +        Order deny,allow
>> +        Deny from all
>> +    </Limit>
>> +</Location>
>> +
>>  Alias /mailman/icons /var/www/icons
>>  ScriptAlias /mailman/ /usr/lib/mailman/cgi-bin/
>>  <Directory /usr/lib/mailman/cgi-bin/>
>> @@ -19,13 +26,5 @@ Alias /pipermail/ /var/lib/mailman/archives/public/
>>      Allow from all
>>  </Directory>
>>
>> -# redirect queries to /mailman to the listinfo page
>> -
>> -
>> -<IfModule mod_rewrite.c>
>> -    RewriteEngine on
>> -    RewriteCond %{REQUEST_METHOD} GET
>> -    RewriteRule ^/mailman/subscribe/(.*) / [R]
>> -</IfModule>
>>
>>  RedirectMatch ^/mailman[/]*$ https://<%= mailman_default_url_host
>> %>/mailman/listinfo
>>
>>
>> --
>> Stephen J Smoogen.
>>
> 
> 
> I'm obviously +1 to this patch, but I'm not sure I really count as one :)
> _______________________________________________
> infrastructure mailing list
> infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/infrastructure
>

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
infrastructure mailing list
infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/infrastructure
[Index of Archives]     [Fedora Development]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux