Danged Script Kiddies - Spam Attack
Every now and then I get a pile of returned mail for apache, the webserver this machine uses. I had thought that it was a sendmail misconfiguration and was attacking it from that standpoint. I disabled the apache user account, rejected any email to or from apache, etc. These don’t work for long, since the blog and my bulletin board send email as apache. Today, I dug deeper and found that a simple cross-site scripting vulnerability was being exploited. I was sure that I would find the culprit in my real estate scripts. They are heavy in PHP and could have had errors somewhere in them - and have. Instead, I found that a super simple page that I made for my tax firm had unchecked variables for inclusion. Hopefully, you have not received any of the spam that has been generated. And hopefully I have it fixed.
So let this be a lesson - mostly for me - check your variables.
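
What "check your variables" can look like for a page that picks an include file from the request, as an added example that is not the code from the site described in this post. The `page` parameter, the page names and the `pages/` directory are assumptions made for illustration.

```php
<?php
// Added illustration. The "page" parameter, the file names and the pages/
// directory are hypothetical, not taken from the original site.

// Unchecked pattern: the request value is pasted into the include path, so
// the caller decides which file the web server user executes:
//   include $_GET['page'] . '.php';

// Checked pattern: the request value is only a lookup key into a fixed map.
// Nothing the caller sends ever becomes part of a path.
const PAGES = [
    'home'     => 'home.php',
    'services' => 'services.php',
    'contact'  => 'contact.php',
];

function resolve_page($requested): string
{
    // ?page[]=x arrives as an array and a missing parameter as null; both,
    // like any unknown key, fall back to the default page.
    if (!is_string($requested) || !array_key_exists($requested, PAGES)) {
        return PAGES['home'];
    }
    return PAGES[$requested];
}

// Constructed sample inputs: one valid key, then values that an unchecked
// include would have tried to load.
$samples = ['services', '../../etc/passwd', 'http://example.invalid/x', ['a'], null];
foreach ($samples as $sample) {
    printf(
        "%-28s => %s\n",
        json_encode($sample, JSON_UNESCAPED_SLASHES),
        resolve_page($sample)
    );
}

// In the page itself the call would be:
//   include __DIR__ . '/pages/' . resolve_page($_GET['page'] ?? 'home');
```

Run from the command line with `php`, only the first sample resolves to `services.php`; every other value falls back to `home.php`.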



