Re: [mod-security-users] Verifying credit cards
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Verifying credit cards
|
From: Ivan R. <iva...@gm...> - 2008-01-11 10:10:16
|
On Jan 10, 2008 10:09 PM, Ryan Barnett <Rya...@br...> wrote: > > ... > > FYI =96 we (Breach) have addressed this issue in our commercial Enhanced = Rule > set by including an additional module to create a new @verifyCC operator > that will run the Luhn check against the captured CC RegEx matches. The code for the @verifyCC operator has since been included in ModSecurity, starting with the 2.5 branch: http://www.modsecurity.org/documentation/modsecurity-apache/2.5.0-rc1/modse= curity2-apache-reference.html#N1183E > Hope this helps. > > > > > > > -- > Ryan C. Barnett > ModSecurity Community Manager > > Breach Security: Director of Training > > Web Application Security Consortium (WASC) Member > > CIS Apache Benchmark Project Lead > > SANS Instructor, GCIA, GCFA, GCIH, GSNA, GCUX, GSEC > > Author: Preventing Web Attacks with Apache > > > > > ________________________________ > > > From: mod...@li... > [mailto:mod...@li...] On Behalf Of > Matthew Tice > Sent: Thursday, January 10, 2008 4:44 PM > To: mod...@li... > Subject: [mod-security-users] Verifying credit cards > > > > > > Hello, > > I'm trying to setup something to verify that credit card numbers are not > returned (phase 4 I believe). > > Easily enough I can setup a regex to verify - but that could lead to fal= se > positives. I know that you can execute an external script when you get a > match, but can you then get the results of that external script? > I'd just like to run a Luhn check on the number, if it comes back positi= ve > then I'll react, otherwise I'll let it through. Any help is appreciated. > > Thanks, > > Matt > ------------------------------------------------------------------------- > Check out the new SourceForge.net Marketplace. > It's the best place to buy or sell services for > just about anything Open Source. > http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketpl= ace > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > > --=20 Ivan Ristic |
