Re: [mod-security-users] Rule

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

> How can i block this kind of request : GET 
> http://www.bluegrassass.com/BGAmembers/index.html

   You can block it with:

   SecFilterSelective THE_REQUEST "http://"

   but that will probably block all proxy requests. If you want
   to that it would probably be easier to turn the proxy off:

   ProxyRequests Off

   If you need the proxy but want to prevent some people from
   using it have a look here:

   http://httpd.apache.org/docs/mod/mod_proxy.html
   (assuming you're using Apache 1.x)

   The code snippet is:

   <Directory proxy:*>
       Order Deny,Allow
       Deny from all
       Allow from yournetwork.example.com
   </Directory>

-- 
ModSecurity (http://www.modsecurity.org)
[ Open source IDS for Web applications ]