Re: [mod-security-users] Problem with regexp in ModSecurity
Brought to you by:
victorhora,
zimmerletw
From: Mathieu D. <md...@gm...> - 2007-11-27 18:53:51
|
> Hm... I don't see the intended behaviour of your rules ;-) This is for enforcing password strength. > However, without any knowledge of your complete setup, you > may struggle with a transformation-problem here. IIRC, ModSecurity > does have a transformation "toLower" enabled by default (at least in > the current stable version, this changes in the 2.5!!). > So without any SecDefaultAction directive beforehand all your > regexp's will be matched against the lower-case value. You can > get the "original" version by adding "t:none" to the list of actions > of your rules. Great, that's the solution. With "deny,t:none" it works. Thanks. |