[mod-security-users] Wrong post trigger
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
[mod-security-users] Wrong post trigger
|
From: Gerwin K. -|- D. W. <ge...@di...> - 2005-12-16 08:26:25
|
Hey there my fellow list readers. I was testing some new rules (mostly for php
email injection rules), for this it was required to have ScanPOST on.
I have the following rule:
SecFilterSelective ARGS_VALUES "(http:/).+(\.txt|\.jpg|\.dat|\.gif|\.jpeg
\.ini|\:[0-9]{1,9})"
Which should check for remote locations in server arguments (GET) only right?
Well mod_security also triggers it when I put a remote location in an email
form. Am I making a thinking error here? Maybe I looked to long to this
issue :)
--
Met vriendelijke groet/With kind regards,
Gerwin Krist
Digitalus
First-class Internet Webhosting
(w) http://www.digitalus.nl
(e) gerwin at digitalus.nl
(p) PGP-ID: 79B325D4
(t) +31 (0) 598 630000
(f) +31 (0) 598 631860
***************************************************************************************
This message may contain information which is confidential or privileged.
If you are not the intended recipient, please advise the sender immediately
by reply e-mail and delete this message and any attachments without
retaining
a copy.
***************************************************************************************
|
