Prevent php regex, someone using myphpfile.php maybe using they bot spammer script
Hi guys,
few days ago my host says in one of my website are sending large mail, that come from senegal country ip
here are my host says
myphpfile.php are file for sending private message (member got email notification too for each private message) to another member in my site, you must be login to use that page
is there a way to prevent myphpfile.php page by accessing from other server, so only real user that can accessing the page? maybe like prevent hotlinking image
please share your knowledge guys
few days ago my host says in one of my website are sending large mail, that come from senegal country ip
here are my host says
|
There were another 16 mails in the queue this morning going to a very large number of recipients. X-PHP-Script: www.domain.com/myphpfile.php for 111.222.333.444 That seems to be the source IP, they more than likely injecting headers into the mail() being used in PHP, there are a few regexes and methods on the Internet if you google on how to prevent it. |
myphpfile.php are file for sending private message (member got email notification too for each private message) to another member in my site, you must be login to use that page
is there a way to prevent myphpfile.php page by accessing from other server, so only real user that can accessing the page? maybe like prevent hotlinking image
please share your knowledge guys
-
johnnyN -
Thanks
{{ DiscussionBoard.errors[4260931].message }} -