Welcome to WebmasterWorld Guest from

Forum Moderators: phranque

Message Too Old, No Replies

Formmail - I don't use it but...

sites are getting hit from hosts central cgi-bin - HELP

1:35 pm on Jan 29, 2003 (gmt 0)

New User

10+ Year Member

joined:Nov 14, 2002
votes: 0

I have some sites on a host who uses a central cgi-bin for scripts such as formmail for everyone on the server. I know, its bad, but...

Over the last few weeks I've been noticing an increasing number of e-mails from webmaster@mydomain.com from the formmail script located in this central cgi-bin. I looked over some logs yesterday and saw TONS of hits looking for every version of formmail in a varity of directories.

Since I do not have access to this central cgi-bin, I can't simply delete formmail. It is NOT in my local cgi-bin, as I don't use it. How can I stop / block users from accesing it on my domains? I tried .htaccess in the root, but it blocked the entire site. I really don't want to end up on a spammer list because of this.

Help please?

1:47 pm on Jan 29, 2003 (gmt 0)

Senior Member from ZA 

WebmasterWorld Senior Member 10+ Year Member

joined:July 15, 2002
votes: 1

Looks like you have been hit by a spammer!

If you do a site search, you will pull up a couple of threads about this topic :)


2:00 pm on Jan 29, 2003 (gmt 0)

New User

10+ Year Member

joined:Nov 14, 2002
votes: 0

Thanks CC.

But I already did a site search and read relavent posts.

My problem is it is NOT my local copy in my local cgi-bin. It is the copy in the servers main shared cgi-bin, where I don't have access directly to the scripts (all are accessed via aliases when a user makes a request).

So, I can't rename or remove the script. I need a way to block users from accessing it.

2:20 pm on Jan 29, 2003 (gmt 0)

Junior Member

10+ Year Member

joined:Feb 21, 2002
votes: 0

you need to get your hosting company to look at it for you.

Let them know there's a problem and politely suggest that they, at least, upgrade to the latest version of formmail which has better protection against flagrant spam.

If that doesn't work, you gotta consider changing hosts.