Hello
we had a lot of those attacks on our web hosting servers in the past
and it has only to do with apache . It is a known and old exploit,
a spam relay is using Apache to forward data to an open mail relay.
We check those at router level but the mod_security works fine for a
single machine
Really it is an old exploit.
Nothing to worry about regarding the toaster, well you can always add a
nice mod_security configuration to take care of all those little exploits
Jake Vickers wrote:
Eric Shubert wrote:
Thanks Jake. So is this simply an apache configuration issue? Is
there an easy way it can be 'fixed' in a toaster package configuration?
It's actually an issue with the programming of the application
(talking about Roundcube here). There are a couple different Apache
modules that can be utilized to proxy or filter the PHP code used and
help prevent the exploits in the code.
I'm sure something could be written into QTP to install any one of
those modules if someone wants to lay out a skeleton that can be used
as a base for the installation of the module.
---------------------------------------------------------------------------------
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and
installations.
If you need professional help with your setup, contact them today!
---------------------------------------------------------------------------------
Please visit qmailtoaster.com for the latest news, updates, and
packages.
To unsubscribe, e-mail:
qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail:
qmailtoaster-list-h...@qmailtoaster.com
---------------------------------------------------------------------------------
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
If you need professional help with your setup, contact them today!
---------------------------------------------------------------------------------
Please visit qmailtoaster.com for the latest news, updates, and packages.
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com