18 Aug 21:15
Re: Mod-Security and php forums
Matt Wrycraft <matt <at> wrycraft.net>
2006-08-18 19:15:04 GMT
I certainly think it's something I need to do. Many thanks for your help! :)

Matt

Tom Anderson wrote:
> Matt Wrycraft wrote:
>> I am running SQL and can certainly understand the need to keep the rules
>> dealing with injection attacks. SQL is used throughout my site and I
>> would like to keep the rules generally, just exclude them from forum
>> posts. I do have sanitation of forum posts anyway, which is why I'm
>> happy to avoid using modsec there.
>
> In my experience, it's mostly the "select from" part of the rule which
> trips up normal speech in discussion forums. Most other SQL commands
> are not a part of normal speech. Therefore, allowing "select from" (by
> removing that part of the rule) may be worth your while if separate
> sanitation is done within the software. If your discussion forums
> actually have SQL as a topic, then that theory goes out the window
> though and sanitation is absolutely required so that all text goes
> through unfiltered (and unexecuted), and the entire SQL-injection rule
> should be removed.
>
> In the latter case, your location-based rule removal should work,
> assuming you've specified your SQL-injection rule correctly.
> Alternatively, you can start fresh with new rules for the forums:
>
> <Location /forums/>
> SecFilterInheritance Off
> SecFilterImport ...
> SecFilter ...
> </Location>
>
> Tom
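The two cases Tom describes, written out as an added ModSecurity 1.x configuration example (not from the thread): a general forum that only needs the "select from" rule dropped, and a hypothetical SQL-topic forum that gets the whole injection rule set removed. Rule ids (100, 101), the paths /forums/ and /sqlforum/, and the patterns are constructed for illustration; the id action, SecFilterRemove and SecFilterImport are assumed to behave as in the ModSecurity 1.9 manual, so check them against your installed version.

```apache
# Global policy (server or virtual host context). Each injection filter
# carries an id so a narrower context can reference it by number.
SecFilterEngine On
SecFilterScanPOST On
SecFilterDefaultAction "deny,log,status:403"

# Hypothetical ids 100/101; patterns kept simple for illustration.
SecFilterSelective ARGS "select.+from" "id:100,deny,log,status:403"
SecFilterSelective ARGS "(union.+select|insert.+into|drop\s+table)" "id:101,deny,log,status:403"

# Case 1: ordinary discussion forum. Keep everything inherited from the
# parent context and drop only the rule that ordinary prose trips
# (the forum software's own input sanitation still applies).
<Location /forums/>
    SecFilterRemove 100
</Location>

# Case 2: a forum where SQL itself is the topic. Start fresh, import only
# the rules that are still wanted, and add any forum-specific filter.
# The SQL-injection rules are not imported at all here.
<Location /sqlforum/>
    SecFilterInheritance Off
    SecFilterImport
    SecFilter "\.\./"
</Location>
```

A bare SecFilterImport without ids is assumed to import every parent rule; list ids (for example `SecFilterImport 101`) to import a subset, and confirm the resulting policy with a test post rather than relying on the directives alone.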