How to block a POST request with a specific body?

Y

Yuri2013-06-23 18:32:37

Nginx

Yuri, 2013-06-23 18:32:37

How to block a POST request with a specific body?

On our IPB 2.3.x forum, some spammers started registering and posting the same links to porn sites in profiles and signatures.
There is no desire to look for mods and hacks for IPB that could solve my problem.
But what if Nginx checks the POST request for the presence of a specific URL in it? And if such a request takes place, send it away.
Who has any ideas?

Reply

Answer the question

In order to leave comments, you need to log in

7 answer(s)

P

Puma Thailand, 2013-06-23
@opium

Attach akismet or captcha.

E

Ergil Osin, 2013-06-23
@Ernillew

nginx.org/en/docs/http/ngx_http_rewrite_module.html
_
if ($request_method = POST)
_

M

mikes, 2013-06-23
@mikes

you can try to go from the other side and do something like this
iptables -A INPUT -m string --string "URL" --algo bm --to 65535 -j DROP

W

WEBIVAN, 2013-06-23
@WEBIVAN

Rough and ugly, but it will work.
Add to the beginning of index.php after <?php

if(isset($_POST))
  foreach($_POST as $v)
    if(false!=stripos($v,'bad_url'))
      die('SPAMMER GO AWAY');

E

egorinsk, 2013-06-23
@egorinsk

Isn't it easier then to write a script. which will take the last N records from the database by cron and delete those that contain keywords? this seems faster to me.

A

Alexey Akulovich, 2013-06-24
@AterCattus

If you really want to use nginx:
if ...$request_body…

X

xmoonlight, 2016-02-12
@xmoonlight

A transparent captcha is placed on the domain and any POST request is intercepted to solve the problem. If everything is OK, then with other POSTs, it no longer intercepts.
Filtering web form text with isText .