Re: [mod-security-users] Wrong post trigger
Brought to you by:
victorhora,
zimmerletw
From: Ivan R. <iv...@we...> - 2005-12-16 11:02:03
|
Gerwin Krist -|- Digitalus Webhosting wrote: > Hey there my fellow list readers. I was testing some new rules (mostly for php > email injection rules), for this it was required to have ScanPOST on. > > I have the following rule: > SecFilterSelective ARGS_VALUES "(http:/).+(\.txt|\.jpg|\.dat|\.gif|\.jpeg > \.ini|\:[0-9]{1,9})" > Which should check for remote locations in server arguments (GET) only right? No. It checks all arguments, no matter where they are. If you are only interested in GET try QUERY_STRING. -- Ivan Ristic Apache Security (O'Reilly) - http://www.apachesecurity.net Open source web application firewall - http://www.modsecurity.org |