Re: [mod-security-users] Some filter questions
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Some filter questions
|
From: Tom A. <tan...@oa...> - 2006-02-14 17:17:08
|
BassPlayer wrote:
> I would like to filter these user agents
>=20
> User Agents:
> [360] Mozilla/4.75 [en] (X11, U; Nessus)
> [2] Nessus
>=20
>>From reading the manual I'm not sure what locations are equivilent to t=
he
> User-Agent: entry in the log.
>=20
>>From this entry in the manual
>=20
> HTTP_header =96 search request header "header" (HEADER_header also work=
s as
> of 1.9)
>=20
> I would guess it would be something like
>=20
> SecFilterSelective HEADER_User-Agent Nessus
I actually handle those with mod_rewrite instead:
RewriteCond %{HTTP_USER_AGENT} Nessus [NC]
RewriteRule .* - [F,L]
That's just because I was blocking useragents before I started using=20
mod_security. I wonder if there is any advantage to using one or the=20
other in this case.
Tom
|
