[mod-security-users] http-version

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

I'm trying to determine how to match the HTTP protocol version passed in
from the client in order to help prevent fingerprinting.  For example,
if the request is "GET / HTTP/3.0", Apache generally returns "400 Bad
Request" while IIS returns "200 OK", and Netscape returns "505 HTTP
Version Not Supported".  I'd like to be able to match the HTTP version
string in order to change the response to 505 or 406 or something else. 
However, none of the "locations" for SecFilterSelective seem to work. 
HTTP_VERSION at least doesn't return an error, but it doesn't match the
http version string either.  Please let me know if what I want to do is
possible, and if so, how to do it.  Thanks.

Tom