Jun 6, 2008

Request contained a malicious JavaScript or SQL injection attack

bad-behavior is now blocking what it says is a SQL injection, but all it's really looking for is a # in the header. So I end up seeing crap like this.

I think this may be a bug in bad behavior.

Update: I am still seeing this from the Yahoo bot

403 Request contained a malicious JavaScript or SQL injection attack
Agent: Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
74.6.8.122 llf520018.crawl.yahoo.net

403 Request contained a malicious JavaScript or SQL injection attack
Agent: Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
74.6.17.186 llf520164.crawl.yahoo.net

403 Request contained a malicious JavaScript or SQL injection attack www.winnfreenet.com
Agent: Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
74.6.22.159 llf520079.crawl.yahoo.net



// Broken spambots send URLs with various invalid characters
// Some broken browsers send the #vector in the referer field :(
if (strpos($package['request_uri'], "#") !== FALSE) {
    return "dfd9b1ad";
}
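
One way to triage these blocks from the log, as an added example that is not part of the original post or of Bad Behavior: it parses entries in the three-line layout quoted above and lists the 403s whose reverse-DNS name belongs to a crawler you expect to admit. The sample entries, addresses, hostnames and the `CRAWLER_SUFFIXES` list are constructed assumptions.

```python
import re
from collections import Counter

# Constructed sample in the three-line layout of the entries quoted above
# (status + reason, Agent line, IP + reverse-DNS name). Addresses are from
# documentation ranges and the host labels are made up.
SAMPLE_LOG = """\
403 Request contained a malicious JavaScript or SQL injection attack
Agent: Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
192.0.2.10 host1.crawl.yahoo.net

403 Request contained a malicious JavaScript or SQL injection attack
Agent: ExampleBot/1.0
198.51.100.7 host7.example.org

403 Request contained a malicious JavaScript or SQL injection attack www.example.com
Agent: Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
192.0.2.11 host2.crawl.yahoo.net
"""

# Assumption: reverse-DNS suffixes of crawlers this site wants to admit.
CRAWLER_SUFFIXES = (".crawl.yahoo.net",)

ENTRY = re.compile(
    r"^(?P<status>\d{3}) (?P<reason>.+)\n"
    r"Agent: (?P<agent>.*)\n"
    r"(?P<ip>\S+) (?P<rdns>\S+)$",
    re.MULTILINE,
)

def parse_entries(text):
    """Return one dict per three-line log entry."""
    return [m.groupdict() for m in ENTRY.finditer(text)]

def likely_false_positives(entries):
    """Blocked (403) requests whose reverse-DNS name is a listed crawler."""
    return [e for e in entries
            if e["status"] == "403"
            and e["rdns"].lower().endswith(CRAWLER_SUFFIXES)]

def summarize(entries):
    """Count blocked crawler requests per reverse-DNS host."""
    return Counter(e["rdns"] for e in likely_false_positives(entries))

if __name__ == "__main__":
    for host, n in summarize(parse_entries(SAMPLE_LOG)).items():
        print(n, host)
```

A reverse-DNS name on its own is set by whoever controls the PTR record for the address, so confirm that the name resolves forward to the same IP before treating a block as a false positive or exempting the client.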
