[mod-security-users] (no subject)

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi, I would like help of you.

I am having a problem with a RFI attack.

If I have a link like this "
http://192.168.1.102/file.php?arg=http://192.168.1.101/index.html" in a
request, the ModSecurity detects the attack.

But, if I have a link like this "
http://192.168.1.102/file.php?arg=http://www.valid-domain.com/index.html"
in a request, the ModSecurity don't detects the attack.

Does anyone know what might be happening?

Best Regards.