Re: [mod-security-users] Modsec on Tiger?
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Modsec on Tiger?
|
From: Ivan R. <iv...@we...> - 2006-02-13 18:14:01
|
li...@32... wrote: > on 2/13/06 12:53 PM, Ivan Ristic at iv...@we... wrote: > >>> OK, that made it start spitting info. Everything looks fine, but I am still >>> not seeing as much filtering as before my upgrade. >>> >>> Can you give me a test rule to see what is up? >> No, there's no such thing as a test rule. Just read the debug log - it >> will tell you everything you need to know... > > Really, not even a rule that looks for 'goober' in a GET argument? Really. Why would you want your adversaries to have the ability to test whether ModSecurity is running or not? > I am sure > that can be done? What, to have a test rule? It can be done but it's not a smart thing to do. > Then I can 'test' to see if it catches it. Or, you could read the debug log as already I suggested. -- Ivan Ristic, Technical Director Thinking Stone, http://www.thinkingstone.com ModSecurity: Open source Web Application Firewall |
