+1, easy revert if it goes wrong.
-Ricky
On 04/14/2015 06:49 PM, Patrick Uiterwijk wrote:
With kind regards,
Patrick Uiterwijk
Fedora Infra
----- Original Message -----
> commit fb17ed59701ceb8f76d5b400e96c3503091eb9e6
> Author: Patrick Uiterwijk <puiterwijk(a)redhat.com>
> Date: Tue Apr 14 21:01:19 2015 +0000
>
> Actually deny mailman GET subscriptions
>
> The mailman form does POST, and this is a lot of spam bots.
> The mod_rewrite does not work because it is not processed since
> the ScriptAlias directive takes precedense.
>
> Signed-off-by: Patrick Uiterwijk <puiterwijk(a)redhat.com>
>
> diff --git a/modules/mailman/templates/mailman_httpd_config.erb
> b/modules/mailman/templates/mailman_httpd_config.erb
> index 43e5eb3..59a5dc7 100644
> --- a/modules/mailman/templates/mailman_httpd_config.erb
> +++ b/modules/mailman/templates/mailman_httpd_config.erb
> @@ -2,6 +2,13 @@
> # httpd configuration settings for use with mailman.
> #
>
> +<Location /mailman/subscribe>
> + <Limit GET>
> + Order deny,allow
> + Deny from all
> + </Limit>
> +</Location>
> +
> Alias /mailman/icons /var/www/icons
> ScriptAlias /mailman/ /usr/lib/mailman/cgi-bin/
> <Directory /usr/lib/mailman/cgi-bin/>
> @@ -19,13 +26,5 @@ Alias /pipermail/ /var/lib/mailman/archives/public/
> Allow from all
> </Directory>
>
> -# redirect queries to /mailman to the listinfo page
> -
> -
> -<IfModule mod_rewrite.c>
> - RewriteEngine on
> - RewriteCond %{REQUEST_METHOD} GET
> - RewriteRule ^/mailman/subscribe/(.*) / [R]
> -</IfModule>
>
> RedirectMatch ^/mailman[/]*$ https://<%= mailman_default_url_host
> %>/mailman/listinfo
>
>
> --
> Stephen J Smoogen.
>
I'm obviously +1 to this patch, but I'm not sure I really count as one :)
_______________________________________________
infrastructure mailing list
infrastructure(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/infrastructure