Hallo, Michael,
Du (michael.daly) meintest am 11.08.08:
"GET /Wiki/index.php?title=http://example.tld/some-side.htm? HTTP/1.1" 301 "GET /Wiki/index.php?title=Http://example.tld/some-sid e.htm%3F HTTP/1.1" 200
That's spam. Example.tld is likely coming from Russia (i.e. the real domain is something.ru) - at least that's what I'm getting.
I've added some statements to my Apache <VirtualHost> sections to use mod_rewrite to send back a 403 (forbidden URL) message:
RewriteCond %{REQUEST_URI} ^title=.*http: [OR,NC] RewriteCond %{REQUEST_URI} ^/index.php/.*http: [OR,NC] #... other forbidden stuff... RewriteRule ^(.*)$ http://example.com [F,L,R]
That seems to catch most of it.
Doesn't work - sorry.
Just another idea: This spambot always asks "<wiki-dir>/index.php", and that skript always could detect
title=http://xyz or title=Http://xyz
In my Wiki I've never seen an allowed query string with an URL as title: mediawiki should (as far as I can see) detect such titles as errors.
How and where could I patch the "index.php"?
Viele Gruesse! Helmut