Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 52099 invoked from network); 17 May 2005 14:15:34 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 17 May 2005 14:15:34 -0000 Received: (qmail 46294 invoked by uid 500); 17 May 2005 14:08:29 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 46280 invoked by uid 500); 17 May 2005 14:08:29 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 46257 invoked by uid 99); 17 May 2005 14:08:28 -0000 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received-SPF: pass (hermes.apache.org: local policy) Received: from awl.doit.wisc.edu (HELO awl.doit.wisc.edu) (128.104.17.198) by apache.org (qpsmtpd/0.28) with ESMTP; Tue, 17 May 2005 07:08:26 -0700 Received: from awl.doit.wisc.edu (localhost.localdomain [127.0.0.1]) by awl.doit.wisc.edu (8.12.11/8.12.11) with ESMTP id j4HE787i014892 for ; Tue, 17 May 2005 09:07:08 -0500 Received: from localhost (cdunigan@localhost) by awl.doit.wisc.edu (8.12.11/8.12.11/Submit) with ESMTP id j4HE78m7014888 for ; Tue, 17 May 2005 09:07:08 -0500 X-Authentication-Warning: awl.doit.wisc.edu: cdunigan owned process doing -bs Date: Tue, 17 May 2005 09:07:08 -0500 (CDT) From: Craig Dunigan To: users@httpd.apache.org In-Reply-To: <000001c55a89$9898d760$2301000a@Dell> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Virus-Checked: Checked Subject: Re: [users@httpd] Rewrite text in served pages X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N On Mon, 16 May 2005 krystian@mindspring.com wrote: > Hello, > > Suppose an email harvester (evil) from wewillspamyou.com visits my site, > domain.com > > Is there a way for Apache to detect the user and rewrite certain text that > appears in the webpage that is served to that user? > > Here's the kicker: > > I'm looking to Apache to fulfill this need. > > I can't use php (or write some inline code in another language). Doing so > would require modifying software that I install but don't maintain (say, > pre-packaged blogging software), would require me to modify each software > each time it's updated, AND may cause instability issues if I don't notice > something particular to some software and cause me to screw up. > > Therefore, the only choice remaining is to ask someone who knows a little > bit about Apache. =) > ------------------ > Here's some elaboration on the problem: > > For instance, if I detect a visitor from spammers.com, to the webpage > delivered to that user, I want to modify (falsify) text that follows the > "mailto:" string. > > Instead of: > mailto: personalemail@domain.com > > I would much rather prefer to translate text to: > mailto: bill@microsoft.com > > I'm thinking: are there some plugins or instructions which permit apache > while serving a page (right before released to user) to: > > 1. search for text that matches a regex pattern > 2. then take actions (like say, invoke sed search and replace) on that text > to replace with alternate text > > Just wondering what the best way to do this would be. > > I'm wondering if there's some directives that would apply for any page > served by apache for my domain.com > ------------------ > I don't know if this can be done. At least, I don't know enough about Apache > to make a call either way. But maybe there is a hope to get this solved some > other way. > > This idea would certainly be a great way to do a little stenography kung fu > on spammers. I'm sure bill@microsoft.com wouldn't mind (of course you mind, > Bill, that was a joke, please don't be mad). > > Though an easy solution: I wish to avoid using images to encode my email > strings. I really hope to find some solution using the above mentioned > teqniques. > > > Thanks for your thoughts. > -Krystian > > Possible, yes. Practical, no. I learned just recently that you can use mod_proxy_html to conditionally rewrite HTML before it's served. The impractical part would be keeping track of spam domains that keep changing, and harvester spiders that probably spoof the AGENT string anyway. Apache must rely on the name a client reports to it; it has no way of verifying that name. That name is in the HTTP header and is called AGENT. I would guess that many email harvesters randomize the AGENT string they send the server in their requests, to avoid just such a blocking strategy. And be careful that you never redirect spam to a _real_ email address - there could be legal ramifications. -- Craig Dunigan IS Technical Services Specialist (I don't know what it means, either) Middleware - Enterprise Info Systems - Department of Info Technology University of Wisconsin, Madison opinions expressed are my own, not the University's --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org