Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: Ryan Barnett <RBarnett <at> trustwave.com>
Subject: Re: [Owasp-modsecurity-core-rule-set] ModSecurity Advanced Topic of the Week: (Updated) Exception Handling
Newsgroups: gmane.comp.apache.mod-security.user
Date: Thursday 25th August 2011 13:13:02 UTC (over 5 years ago)
On 8/24/11 5:47 PM, "Thomas D. Dahlmann"  wrote:

>On 2011-08-24 23:12, Ryan Barnett wrote:
>> SecRuleUpdateTargetById 950907 !REQUEST_FILENAME
>If I go with the above will it then bypass any file request
>unconditionally?

Correct, if you use this directive, it will modify the TARGET list for
rule ID 950907 and will not inspect the REQUEST_FILENAME variable at all.

-Ryan

>
>/T
>


This transmission may contain information that is privileged, confidential,
and/or exempt from disclosure under applicable law. If you are not the
intended recipient, you are hereby notified that any disclosure, copying,
distribution, or use of the information contained herein (including any
reliance thereon) is STRICTLY PROHIBITED. If you received this transmission
in error, please immediately contact the sender and destroy the material in
its entirety, whether in electronic or hard copy format.


------------------------------------------------------------------------------
EMC VNX: the world's simplest storage, starting under $10K
The only unified storage solution that offers unified management 
Up to 160% more powerful than alternatives and 25% more efficient. 
Guaranteed. http://p.sf.net/sfu/emc-vnx-dev2dev
_______________________________________________
mod-security-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/mod-security-users
ModSecurity Services from Trustwave's SpiderLabs:
https://www.trustwave.com/application-security.php
 
CD: 17ms