Re: [mod-security-users] Blocking
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Blocking
|
From: Ivan R. <iv...@we...> - 2005-11-29 16:58:54
|
Terry Dooher wrote: > > I thought there was a way of ignoring case in signatures, but I can't > seem to find it, so I've covered all of the bases with single character > matches. Actually, comparisons are case-insensitive, so you don't need to worry about case at all. > As far as I know, The above will match the only valid way of presenting > a bcc: header. There may be some way of masking newlines that would fool > this filter, but still be a valid header. I'm not aware of one, however. > It should be fairly obvious how to tailor this to match To:, From: etc... > > It's also worth creating an audit log of infringing requests, at least > to begin with. That's a good idea. I've been thinking about creating a special email address to accept audit log entries. The idea is to automate the process and put the log entries into a database automatically. -- Ivan Ristic Apache Security (O'Reilly) - http://www.apachesecurity.net Open source web application firewall - http://www.modsecurity.org |
