<< Visual Basic 2005 Power Packs suggestion | Home | Dynamics NAV and database expansion >>

ReverseDOS breaks Subtext

As you know, Subtext actually uses ReverseDOS integration to fight spam.

ReverseDOS is a very simple HttpModule that checks various parts of incoming requests against a list of spam filters that you set. If ReverseDOS detects a match with the filters, it attempts to stall the requesting client for a number of seconds (specified in a .config file).

The facts:

  1. after the last trackback's spam attack to my blog, I've updated the ReverseDOS.config configuration. It was thursday evening.
  2. Friday morning I try to open my blog page and it doesn't respond: the favicon was loaded on the browser but the page content was not showed. I was thinking to a problem on the server, so...wait...
  3. Friday afternoon, I try to reopen the blog's page: always the same story, no content was showed. I decide to go to my IIS configuration and check for problems. All was good.
  4. Friday evening, the same... I decide to check also for problems on the database by executing the stored procedures manually, but all was good. The web.config was good too...
  5. This morning, the problem was the same... I decide to install another instance of Subtext to test for server's problem: all was good, the new istance was working correctly with the old database. Now, a light appears on my mind... maybe the updated ReverseDOS.config file is the cause of the problem?
  6. I open the new ReverseDOS.config (where I've added custom filters in the past days) and I remove the last inserted filter between the tags <filter isRegex="true"> ... </filter>.
  7. I upload the new ReverseDOS.config on the old application and try to execute it: all was good, magically my blog's content is appeared!

So, what was the problem? I don't know well how ReverseDOS works internally, but the filter part that cause the problem was this:

<filter isRegex="true">hotel|hotels</filter>

By removing the plural name (leaving only <filter isRegex="true">hotel</filter> all was good.

Why ReverseDOS blocks the blog's content in this case? A loop on my mind when I wrote this spam filter and (maybe) a loop also on the ReverseDOS engine...  

Print | posted on Saturday, September 23, 2006 5:59 PM

Comments on this post

# re: ReverseDOS breaks Subtext

Requesting Gravatar...
Did you check your Subtext error log to see if there's error messages regarding this? I've sent an email to the RDOS guy about erroring out gracefully. If you make a mistake in your RDOS file, it can break the site.
Left by Haacked on Sep 23, 2006 8:32 PM

# re: ReverseDOS breaks Subtext

Requesting Gravatar...
Phil, on the Error log there's not any error messages regardint to ReverseDOS, but checking the ReverseDOS.config has solved my problem.
Left by Stefano Demiliani on Sep 24, 2006 10:49 AM

# re: ReverseDOS breaks Subtext

Requesting Gravatar...
It's good to know about this. I've been lucky so far. When I have edited ReverseDOS.config, I have not had any problems. But now I will know what to look for.

BTW, I have added some filters similar to yours. The only difference I can see is that my filters included word boundary criteria like this:

<filter isRegex="true">\b(myword|mywords)\b</filter>

I have not tried it without the "\b" and after reading your article, I'm afraid to try that
Left by Dave on Sep 24, 2006 1:03 PM

# re: ReverseDOS breaks Subtext

Requesting Gravatar...
I don't know the cause Dave, but removing this filter has solved the problem. Never tryed with the "\b", maybe this will work.
Left by Stefano Demiliani on Sep 24, 2006 7:59 PM

Your comment:

 (will show your gravatar)
 
Please add 2 and 8 and type the answer here: