Run script when POST data is sent to Apache
Posted
by Nathan Adams
on Server Fault
See other posts from Server Fault
or by Nathan Adams
Published on 2010-04-27T14:10:15Z
Indexed on
2010/04/27
14:14 UTC
Read the original article
Hit count: 320
Among my several years of running servers there seems to be a pattern with most spam activity. My question/idea is that is there a way to tell Apache to run a script when POST data is detected?
What I would want to do is perform a reverse DNS lookup on the client's IP address, and then perform a DNS lookup on the hostname in the PTR record. Afterwards, perform some checks, excuse the pseudo-code:
if PTR does not exist:
deny POST request
if IP of PTR hostname = client's IP
Allow POST request
else
deny POST request
Though I don't care about GET requests, even though they can be just as malicious, this idea is targeted towards spam comments which use POST data to send the comment data to the web server. In order to make sure there isn't much of a time delay, I would run my own recursive DNS server.
Please do note, this isn't meant to be a sliver bullet to spam, but it should decrease the volume.
Possible or impossible?
© Server Fault or respective owner