You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spamassassin.apache.org by jh...@apache.org on 2014/09/03 19:54:27 UTC
svn commit: r1622307 -
/spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf
Author: jhardin
Date: Wed Sep 3 17:54:26 2014
New Revision: 1622307
URL: http://svn.apache.org/r1622307
Log:
Add rules to check for references to compromised WordPress sites
Modified:
spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf
Modified: spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf
URL: http://svn.apache.org/viewvc/spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf?rev=1622307&r1=1622306&r2=1622307&view=diff
==============================================================================
--- spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf (original)
+++ spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf Wed Sep 3 17:54:26 2014
@@ -1338,6 +1338,9 @@ meta URI_WPADMIN __URI_WPA
describe URI_WPADMIN WordPress login/admin URI, possible phishing
tflags URI_WPADMIN publish
+uri __URI_WPCONTENT m,/wp-content/.*\.php,i
+uri __URI_WPINCLUDES m,/wp-includes/.*\.php,i
+
# subrules migrated from 00_FVGT_File001.cf
header __SUBJ_LOWER ALL =~ /subject:\s\S{5}/