Re: [mod-security-users] Block argument when it contains specific characters.
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Block argument when it contains specific characters.
|
From: Christian F. <chr...@ti...> - 2015-06-15 06:57:45
|
Hello, On Mon, Jun 15, 2015 at 06:36:06AM +0000, Duy Linh Nguyen wrote: > Hi everyone,I'm new to mod security.Currently, I want to use mod_security to block a request which has specific characters . For example : zzz.Which means:- When I type : localhost/Home/Index?a=zzz , mod_security will throws me an error of 403 or 503. > > Can anyone help me to configure this please ? The zzz in your question is part of the query string. If you look for query string in the online manual, there is the following example: SecRule QUERY_STRING "attack" "id:34" You should replace attack with zzz and you are done. Reading the documentation or an online tutorial could do wonders when attempting such simple tasks. Ahoj, Christian -- There's no sense in being pessimistic. It wouldn't work out anyway. --- Anonymous |