You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@spamassassin.apache.org by jh...@apache.org on 2014/09/03 19:54:27 UTC

svn commit: r1622307 - /spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf

Author: jhardin
Date: Wed Sep  3 17:54:26 2014
New Revision: 1622307

URL: http://svn.apache.org/r1622307
Log:
Add rules to check for references to compromised WordPress sites

Modified:
    spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf

Modified: spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf
URL: http://svn.apache.org/viewvc/spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf?rev=1622307&r1=1622306&r2=1622307&view=diff
==============================================================================
--- spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf (original)
+++ spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf Wed Sep  3 17:54:26 2014
@@ -1338,6 +1338,9 @@ meta        URI_WPADMIN        __URI_WPA
 describe    URI_WPADMIN        WordPress login/admin URI, possible phishing
 tflags      URI_WPADMIN        publish
 
+uri         __URI_WPCONTENT    m,/wp-content/.*\.php,i
+uri         __URI_WPINCLUDES   m,/wp-includes/.*\.php,i
+
 # subrules migrated from 00_FVGT_File001.cf
 
 header      __SUBJ_LOWER       ALL =~ /subject:\s\S{5}/