Re: [mod-security-users] regex for matching urls
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] regex for matching urls
|
From: Tom A. <tan...@oa...> - 2005-03-07 17:48:41
|
SecFilterSelective HTTP_Referer|ARGS
"[a-z]+:/+[\w\-_.]*poker[\w\-_.]*\.[a-z]{2,}"
That will work whether there's one or two (or more) slashes. For just one
or two, try:
SecFilterSelective HTTP_Referer|ARGS
"[a-z]+:/{1,2}[\w\-_.]*poker[\w\-_.]*\.[a-z]{2,}"
Then it will match whether you use normalization or not. Better still:
SecFilterSelective HTTP_Referer|ARGS
"(ht|f)tps?:/{1,2}[\w\-_.]*poker[\w\-_.]*\.[a-z]{2,4}(/|$)"
Tom
----- Original Message -----
From: "Peter Wood" <prw...@gm...>
To: <mod...@li...>
Sent: Monday, March 07, 2005 11:55 AM
Subject: Re: [mod-security-users] regex for matching urls
> Hrm, never mind, I just tried that, and it didn't work either... any
> other way around it?
>
>
> On Mon, 7 Mar 2005 11:45:37 -0500, Peter Wood <prw...@gm...> wrote:
>> Ivan,
>>
>> Thanks for the response. Can you suggest any way to work around this
>> so that we can match 'http://'? Would '/{2}' work, or would that also
>> be normalized?
>>
>> Thanks,
>>
>> Peter
>>
>>
>> On Mon, 07 Mar 2005 16:45:58 +0000, Ivan Ristic <iv...@we...>
>> wrote:
>> > Peter Wood wrote:
>> > > Greetings,
>> >
>> > > What is wrong with '[a-z]+://' ?
>> >
>> > Before regular expression is applied to a piece of data
>> > mod_security performs data normalization and reduces
>> > redundant forward slashes. Thus "http://" becomes "http:/".
>> >
>> > (No, I don't like it either. That's why in 1.9 normalization
>> > will become optional and configurable per-rule.)
>> >
>> > --
>> > Ivan Ristic
>> > Apache Security (O'Reilly) - http://www.apachesecurity.net
>> > Open source web application firewall - http://www.modsecurity.org
>> >
>> > -------------------------------------------------------
>> > SF email is sponsored by - The IT Product Guide
>> > Read honest & candid reviews on hundreds of IT Products from real
>> > users.
>> > Discover which products truly live up to the hype. Start reading now.
>> > http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
>> > _______________________________________________
>> > mod-security-users mailing list
>> > mod...@li...
>> > https://lists.sourceforge.net/lists/listinfo/mod-security-users
>> >
>>
>> --
>> Peter R. Wood | email: prw...@gm... | blog: http://prwdot.org/
>>
>
>
> --
> Peter R. Wood | email: prw...@gm... | blog: http://prwdot.org/
>
>
> -------------------------------------------------------
> SF email is sponsored by - The IT Product Guide
> Read honest & candid reviews on hundreds of IT Products from real users.
> Discover which products truly live up to the hype. Start reading now.
> http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
> _______________________________________________
> mod-security-users mailing list
> mod...@li...
> https://lists.sourceforge.net/lists/listinfo/mod-security-users
|
