Hi Yavuz,

 - in modsecuritty 1.9 -

SecFilterSignatureAction "log,deny,msg:'XSS attack'"
SecFilterSelective ARGS "<script"
SecFilterSelective ARGS ".javascript"
SecFilterSelective ARGS "vbscript:"
SecFilterSelective ARGS "document\.cookie"
SecFilterSelective ARGS "document\.location"
SecFilterSelective ARGS "document\.write"

- in modsecurity 2.x -
SecDefaultAction "log,deny,msg:'XSS attack'"
SecRule ARGS "<script"
SecRule ARGS ".javascript"
SecRule ARGS "vbscript:"
SecRule ARGS "document\.cookie"
SecRule ARGS "document\.location"
SecRule ARGS "document\.write"

it is smilar. You can use SecDefaultAction for it or add action for each rule.

Best Regards,
--
Bunyamin Demir
OWASP-Turkey Chair
http://www.webguvenligi.org


2007/6/28, Yavuz Maslak <yavuz.maslak@ihlas.net.tr>:
I use mod_security2
 
Which command does mod_security2 use instead of  "SecFilterSignatureAction" ?

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
mod-security-users mailing list
mod-security-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users




--
Bunyamin Demir
OWASP-Turkey Chair
http://www.webguvenligi.org