From: zeno (bugtraq_at_cgisecurity.net)
Date: Tue Dec 10 2002 - 12:13:15 CST
> Bill Burge wrote:
> > After a cursory glance, other than removing some abstraction
> > and making configuration a little more straightforward; I'm not
> > sure how this differs from what can be done with mod_rewrite.
> One major feature: it filters POST payloads, too. There is no
> point of having any kind of web application firewall if you
> allow attackers to attack you via POST.
> The other major feature (at least to me) is the full (POST
> included) audit log.
Thanks, I've been searching for this for a while. I know I'll be using this :)
I know it isn't just you; a few people I've spoken with have been searching for full POST
data logging without needing to write their own mod.
> And (I am trying really hard now :), it can also filter
> individual parameters. For example, if you have something
> with a rule
> SecFilterSelective ARGS|!ARG_content "<( |\n)+>"
> You can allow HTML to come through variable "content" but
> not through "title".
That is VERY nice :)
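
Added example (not part of the original thread and not the module's own code): a small Python model of the two behaviours discussed above, scanning POST payloads and applying a selector such as ARGS|!ARG_content so that one parameter is exempt. The function names, the scan_post flag and the TAG pattern are assumptions made for illustration; TAG is a constructed stand-in for an HTML-tag match rather than the regex quoted in the rule, and only form-encoded bodies are handled.

```python
import re
from urllib.parse import parse_qsl

# Constructed stand-in pattern for "looks like an HTML tag" (assumption,
# not the regex from the quoted rule).
TAG = re.compile(r"<[^>]+>")


def parse_selector(selector):
    """Split a selector like 'ARGS|!ARG_content' into its parts."""
    scan_all, included, excluded = False, set(), set()
    for part in selector.split("|"):
        if part == "ARGS":
            scan_all = True                      # every parameter
        elif part.startswith("!ARG_"):
            excluded.add(part[len("!ARG_"):])    # exempt this parameter
        elif part.startswith("ARG_"):
            included.add(part[len("ARG_"):])     # only this parameter
        else:
            raise ValueError("unsupported selector part: %r" % part)
    return scan_all, included, excluded


def check_request(method, query_string, body, selector,
                  pattern=TAG, scan_post=True):
    """Return the (name, value) pairs that match; an empty list means allow.

    scan_post=False models a filter that only ever sees the URL.
    """
    scan_all, included, excluded = parse_selector(selector)
    # parse_qsl percent-decodes, so %3Cb%3E is inspected as <b>.
    pairs = parse_qsl(query_string, keep_blank_values=True)
    if scan_post and method.upper() == "POST":
        pairs += parse_qsl(body, keep_blank_values=True)
    hits = []
    for name, value in pairs:
        if name in excluded:
            continue
        if (scan_all or name in included) and pattern.search(value):
            hits.append((name, value))
    return hits


if __name__ == "__main__":
    # Constructed sample request body: markup in both "title" and "content".
    body = "title=%3Cb%3Ehi%3C%2Fb%3E&content=%3Cp%3Ebody%3C%2Fp%3E"
    print(check_request("POST", "", body, "ARGS|!ARG_content"))
    print(check_request("POST", "", body, "ARGS|!ARG_content", scan_post=False))
```

With POST scanning on, only the markup in "title" is reported; with it off, the same request passes untouched, which is the gap the first quoted reply describes.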