Re: [mod-security-users] Restriction to / dir
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Restriction to / dir
|
From: Ulf H. <me...@op...> - 2004-01-07 11:15:40
|
> ModSecurity can scan parameters for suspicious strings but it's > not foolproof. It needs something distinctive to act upon. For > example, protecting "/boot" is easy. But the root "/" - not simple. What about this regular expression? ^/[^/]*$ It will match strings that begin with a slash and then have zero or more characters that are something else than slashes. I think it might be useful for people who want to restrict mod_security to only allow files from the top-dir, or for that matter, to restrict it to files in other dirs than the top-dir. // Ulf Harnhammar kses - PHP HTML/XHTML filter (no XSS) http://sourceforge.net/projects/kses -- ___________________________________________________ Check out the latest SMS services @ http://www.operamail.com, which allows you to send SMS through your mailbox. Powered by Outblaze |
