[mod-security-users] Ask a question about regex in CRS
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
[mod-security-users] Ask a question about regex in CRS
|
From: Neo L. <dia...@gm...> - 2010-06-22 04:05:25
|
Hi, everyone
The following rule comes from
rules/base_rules/modsecurity_crs_41_sql_injection_attacks.conf , but I
don't understand what does the regular expression "(?:[\\\(\)\%#]|--)"
mean. What's the meaning of "\%" in a regex?
SecRule MATCHED_VAR "(?:[\\\(\)\%#]|--)"
"t:none,setvar:'tx.msg=%{rule.msg}',setvar:tx.sql_injection_score=+%{tx.critical_anomaly_score},setvar:tx.anomaly_score=+%{tx.critical_anomaly_score},setvar:tx.%{rule.id}-WEB_ATTACK/SQL_INJECTION-%{matched_var_name}=%{tx.0}"
|
