Bookmarks

Yahoo Gmail Google Facebook Delicious Twitter Reddit Stumpleupon Myspace Digg

Search queries

078274121, info0a ip, should prodicers of software_based services be held liable or not liable for economic injuries, should producers of soft ware based services such as ATMs be held liable for economic injuries suffered when their systems fail?, nisc wwwxxx, wwwxxx0cm, should producers of software-based services, such as atms, be held liable for economic injuries suffered when their systems fail?, wwwxxx0cm, www.webdp.net, Event 9 IIS log failed to write entry

Links

XODOX
Impressum

#1: POST request interception

Posted on 2008-04-11 20:12:38 by patpro

Hello,

I've setup an antispam for my blog, so that presumed spammers can only
GET/HEAD, but POST is denied.
I'm serving a special 403 as a result of a denied POST request, and I
would like to retrieve and log the content of this POST. Unfortunately,
my 403.php file won't see any content in $_POST.

So if I understand correctly, the POST request is not forwarded to the
final document:

spammer request : POST some data to /some/page.php
apache : denies POST and serves 403.php

Is there any way to intercept POST request content when POST is denied ?

thanks,

patpro

--
A vendre : KVM IP 16 ports APC
http://patpro.net/blog/index.php/2008/01/12/133

Report this message

#2: Re: POST request interception

Posted on 2008-04-12 12:56:02 by unknown

Post removed (X-No-Archive: yes)

Report this message

#3: Re: POST request interception

Posted on 2008-04-12 14:22:32 by patpro

In article <slrng015b1.3hh.davideyeahsure@fogg.onlyforfun.net>,
Davide Bianchi <davideyeahsure@onlyforfun.net> wrote:

> On 2008-04-11, patpro ~ patrick proniewski <patpro@boleskine.patpro.net>
> wrote:
> > spammer request : POST some data to /some/page.php
> > apache : denies POST and serves 403.php
>
> I think that Apache doesn't deny anything, and the deny/allow process is
> done in your /some/page.php, so do the interception and loggin there.

Currently, I'm using :

ErrorDocument 403 /403_post.php
<LimitExcept GET>
Deny from env=GoAway
</LimitExcept>

so Apache does deny POST requests from supposed spammers. I don't really
want to change this apache configuration based antispam by a full php
interception on every POST on the server.

patpro

--
A vendre : KVM IP 16 ports APC
http://patpro.net/blog/index.php/2008/01/12/133

Report this message

#4: Re: POST request interception

Posted on 2008-04-14 13:55:19 by patpro

In article <patpro-CF417F.14223212042008@news-1.proxad.net>,
patpro ~ patrick proniewski <patpro@boleskine.patpro.net> wrote:

> In article <slrng015b1.3hh.davideyeahsure@fogg.onlyforfun.net>,
> Davide Bianchi <davideyeahsure@onlyforfun.net> wrote:
>
> > On 2008-04-11, patpro ~ patrick proniewski <patpro@boleskine.patpro.net>
> > wrote:
> > > spammer request : POST some data to /some/page.php
> > > apache : denies POST and serves 403.php
> >
> > I think that Apache doesn't deny anything, and the deny/allow process is
> > done in your /some/page.php, so do the interception and loggin there.
>
> Currently, I'm using :
>
> ErrorDocument 403 /403_post.php
> <LimitExcept GET>
> Deny from env=GoAway
> </LimitExcept>
>
> so Apache does deny POST requests from supposed spammers. I don't really
> want to change this apache configuration based antispam by a full php
> interception on every POST on the server.


I've changed the vhost config, so that I don't use LimitExcept, and do
no longuer reply with a 403 error code.
Now I use this :

RewriteEngine ON
RewriteCond %{ENV:GoAway} 1
RewriteCond %{REQUEST_METHOD} POST
RewriteRule (.*) /403_post.php

It's not good because it gives a code 200 instead of a code 403, but
it's good because it allows me to record the POST request.

patpro

--
A vendre ! http://www.patpro.net/blog/index.php/2008/01/12/133

Report this message

#5: Re: POST request interception

Posted on 2008-04-14 18:03:29 by phantom

"patpro ~ Patrick Proniewski" <patpro@boleskine.patpro.net> wrote in message
news:patpro-EA0A87.13551914042008@localhost...
> In article <patpro-CF417F.14223212042008@news-1.proxad.net>,
> patpro ~ patrick proniewski <patpro@boleskine.patpro.net> wrote:
>
>> In article <slrng015b1.3hh.davideyeahsure@fogg.onlyforfun.net>,
>> Davide Bianchi <davideyeahsure@onlyforfun.net> wrote:
>>
>> > On 2008-04-11, patpro ~ patrick proniewski
>> > <patpro@boleskine.patpro.net>
>> > wrote:
>> > > spammer request : POST some data to /some/page.php
>> > > apache : denies POST and serves 403.php
>> >
>> > I think that Apache doesn't deny anything, and the deny/allow process
>> > is
>> > done in your /some/page.php, so do the interception and loggin there.
>>
>> Currently, I'm using :
>>
>> ErrorDocument 403 /403_post.php
>> <LimitExcept GET>
>> Deny from env=GoAway
>> </LimitExcept>
>>
>> so Apache does deny POST requests from supposed spammers. I don't really
>> want to change this apache configuration based antispam by a full php
>> interception on every POST on the server.
>
>
> I've changed the vhost config, so that I don't use LimitExcept, and do
> no longuer reply with a 403 error code.
> Now I use this :
>
> RewriteEngine ON
> RewriteCond %{ENV:GoAway} 1
> RewriteCond %{REQUEST_METHOD} POST
> RewriteRule (.*) /403_post.php
>
> It's not good because it gives a code 200 instead of a code 403, but
> it's good because it allows me to record the POST request.
>

Your php script can send the 403 header:
header('HTTP/1.1 403 Forbidden');

Report this message

#6: Re: POST request interception

Posted on 2008-04-14 18:45:40 by patpro

In article <lfLMj.7958$yD2.3068@text.news.virginmedia.com>,
"phantom" <nobody@blueyonder.invalid> wrote:

> > I've changed the vhost config, so that I don't use LimitExcept, and do
> > no longuer reply with a 403 error code.
> > Now I use this :
> >
> > RewriteEngine ON
> > RewriteCond %{ENV:GoAway} 1
> > RewriteCond %{REQUEST_METHOD} POST
> > RewriteRule (.*) /403_post.php
> >
> > It's not good because it gives a code 200 instead of a code 403, but
> > it's good because it allows me to record the POST request.
> >
>
> Your php script can send the 403 header:
> header('HTTP/1.1 403 Forbidden');

yep, I will try this, thanks.

BTW, I've tried:

RewriteRule (.*) /403_post.php [F]

but it wont work.

patpro

--
A vendre : KVM IP 16 ports APC
http://patpro.net/blog/index.php/2008/01/12/133

Report this message

#7: Re: POST request interception

Posted on 2008-04-14 22:31:47 by patpro

In article <lfLMj.7958$yD2.3068@text.news.virginmedia.com>,
"phantom" <nobody@blueyonder.invalid> wrote:

> Your php script can send the 403 header:
> header('HTTP/1.1 403 Forbidden');

Well, I've tried this, but unfortunately, it won't make Apache log a
403. The client gets the 403, but Apache logs a 200.

patpro

--
A vendre : KVM IP 16 ports APC
http://patpro.net/blog/index.php/2008/01/12/133

Report this message