All geek questions in one place

How to remove contact information from plone?

Each new site plone as / contact -info / url with a common email form on it.

Spambots can easily find this and use it for webmasters with malicious emails (in particular, note that the “object” can be indicated in the letter).

This old thread http://plone.293351.n2.nabble.com/modify-or-disable-site-contact-form-td7258555.html suggests you just update the template so that it is empty. However, this is not enough to prevent spam.

wget http://localhost:8080/contact-info --post-data "sender_fullname=d& sender_from_address=doug@localhost.com &subject=d&message=d&form.submitted=1"

Will still send email to the form handler.

How do you completely disable this form handler?

edit: I see you can change the script form handler at:

 /portal_skins/plone_form_scripts/send_feedback_site/manage_main /portal_skins/custom/contact-info

To create a custom script handler and replace the default actions. However, this does not really delete the page; it just does nothing.

+5
source share
2 answers

What you need to configure is not a template, but the endpoint of a send_feedback_site script.

Replace all script code with:

 from zExceptions import NotFound raise NotFound()

Or perhaps better than Unauthorized .

+7
source

If you use nginx or apache in front of your Plone site, you can write a redirect rule for this URL. This can then be added to your standard so that it is always there for new sites.

0
source

Source: https://habr.com/ru/post/1202644/

More articles:


All Articles