Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: Mod_Security rules |
|
| Author |
|
meditate
Joined: 27 Oct 2009
Posts: 1
|
 Posted: Wed 28 Oct '09 8:28 Post subject: Mod_Security rules |
 |
|
I need to prevent 5 typical vulnerabilities for a class. So far I have found 3.
Prevent path traversal:
SecRule ARGS "\.\./"
XSS atacks:
SecRule ARGS "<(.|\n)+>"
SecRule ARGS "<[[:space:]]*script"
SQL injection attacks:
SecRule ARGS "delete[[:space:]]+from"
SecRule ARGS "insert[[:space:]]+into"
SecRule ARGS "select.+from"
Could I have some suggestions for preventing some typical attacks? |
|
| Back to top |
|
|
|
|
|
|
