On Mon, 16 May 2005 krystian@xxxxxxxxxxxxxx wrote: > Hello, > > Suppose an email harvester (evil) from wewillspamyou.com visits my site, > domain.com > > Is there a way for Apache to detect the user and rewrite certain text that > appears in the webpage that is served to that user? > > Here's the kicker: > > I'm looking to Apache to fulfill this need. > > I can't use php (or write some inline code in another language). Doing so > would require modifying software that I install but don't maintain (say, > pre-packaged blogging software), would require me to modify each software > each time it's updated, AND may cause instability issues if I don't notice > something particular to some software and cause me to screw up. > > Therefore, the only choice remaining is to ask someone who knows a little > bit about Apache. =) > ------------------ > Here's some elaboration on the problem: > > For instance, if I detect a visitor from spammers.com, to the webpage > delivered to that user, I want to modify (falsify) text that follows the > "mailto:"; string. > > Instead of: > mailto: personalemail@xxxxxxxxxx > > I would much rather prefer to translate text to: > mailto: bill@xxxxxxxxxxxxx > > I'm thinking: are there some plugins or instructions which permit apache > while serving a page (right before released to user) to: > > 1. search for text that matches a regex pattern > 2. then take actions (like say, invoke sed search and replace) on that text > to replace with alternate text > > Just wondering what the best way to do this would be. > > I'm wondering if there's some directives that would apply for any page > served by apache for my domain.com > ------------------ > I don't know if this can be done. At least, I don't know enough about Apache > to make a call either way. But maybe there is a hope to get this solved some > other way. > > This idea would certainly be a great way to do a little stenography kung fu > on spammers. I'm sure bill@xxxxxxxxxxxxx wouldn't mind (of course you mind, > Bill, that was a joke, please don't be mad). > > Though an easy solution: I wish to avoid using images to encode my email > strings. I really hope to find some solution using the above mentioned > teqniques. > > > Thanks for your thoughts. > -Krystian > > Possible, yes. Practical, no. I learned just recently that you can use mod_proxy_html to conditionally rewrite HTML before it's served. The impractical part would be keeping track of spam domains that keep changing, and harvester spiders that probably spoof the AGENT string anyway. Apache must rely on the name a client reports to it; it has no way of verifying that name. That name is in the HTTP header and is called AGENT. I would guess that many email harvesters randomize the AGENT string they send the server in their requests, to avoid just such a blocking strategy. And be careful that you never redirect spam to a _real_ email address - there could be legal ramifications. -- Craig Dunigan IS Technical Services Specialist (I don't know what it means, either) Middleware - Enterprise Info Systems - Department of Info Technology University of Wisconsin, Madison opinions expressed are my own, not the University's --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|