Re: [mod-security-users] inclusive filter rule set "default deny all mode"
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] inclusive filter rule set "default deny all mode"
|
From: joe b. <joe...@ya...> - 2006-04-09 18:24:16
|
I tried this to list all the application files SecFilterSelective SCRIPT_FILENAME "!^00.00_Header.htm" SecFilterSelective SCRIPT_FILENAME "!^00.00_Header.php" SecFilterSelective SCRIPT_FILENAME "!^00.00-web_style_sheet.css" SecFilterSelective SCRIPT_FILENAME "!^99.00-mls_ home_page_count.php" SecFilterSelective SCRIPT_FILENAME "!^background5.jpg" SecFilterSelective SCRIPT_FILENAME "!^background6.jpg" SecFilterSelective SCRIPT_FILENAME "!^background7.jpg" and first rule terminates everything. There are a lot more that 7 files, so tried this SecFilterSelective SCRIPT_FILENAME "!^(00.00_Header.htm |00.00_Header.php |00.00-web_style_sheet.css |99.00-mls_ home_page_count.php |background5.jpg |background6.jpg |background7.jpg |background8.jpg |button.php |class.phpmailer.php |index.htm)$" and got syntax error on this !^( Looks like rule can not cross over multiple lines, unless there is some continue on next line symbol I need to add in. This maybe a programming oversight in the parsing of the rule. --------------------------------- Yahoo! Messenger with Voice. PC-to-Phone calls for ridiculously low rates. |
