From: zeno (bugtraq_at_cgisecurity.net)
Date: Tue Dec 10 2002 - 12:13:15 CST
> Bill Burge wrote:
> > After a cursory glance, other than removing some abstraction
> > and making configuration a little more straightforward; I'm not
> > sure how this differs from what can be done with mod_rewrite.
>
> One major feature: it filters POST payloads, too. There is no
> point in having any kind of web application firewall if you
> allow attackers to attack you via POST.
>
> The other major feature (at least to me) is the full (POST
> included) audit log.
Thanks, I've been searching for this for a while. I know I'll be using this :)
I know it isn't just you; a few people I've spoken with have been searching for full POST
data logging without needing to write their own mod.
>
> And (I am trying really hard now :), it can also filter
> individual parameters. For example, if you have something
> like:
>
> script.php?title=value1&content=value2
>
> with a rule
>
> SecFilterSelective ARGS|!ARG_content "<( |\n)+>"
>
> You can allow HTML to come through variable "content" but
> not through "title".
That is VERY nice :)
- zeno
cgisecurity.com
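
Added example, not part of the original thread and not mod_security's own code: a small Python model of the features discussed above, inspecting urlencoded POST bodies as well as query strings, exempting one named parameter the way `ARGS|!ARG_content` does, and recording the POST body in an audit entry. The pattern `<(.|\n)+>`, the function names and the sample requests are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl

# Assumed stand-in pattern: any "<...>" span, including across newlines.
HTML_TAG = re.compile(r"<(.|\n)+>")


def collect_args(query_string, post_body=""):
    """Decode arguments from the query string and a urlencoded POST body."""
    args = parse_qsl(query_string, keep_blank_values=True)
    args += parse_qsl(post_body, keep_blank_values=True)
    return args


def selective_filter(args, pattern, exempt=()):
    """Return names of arguments whose decoded value matches the pattern.

    Models ARGS|!ARG_<name>: every argument is inspected except the
    ones listed in `exempt`.
    """
    return [name for name, value in args
            if name not in exempt and pattern.search(value)]


def inspect(method, path, query_string="", post_body=""):
    """Filter one request and return an audit record that keeps the POST body."""
    hits = selective_filter(collect_args(query_string, post_body),
                            HTML_TAG, exempt=("content",))
    return {
        "method": method,
        "path": path,
        "query": query_string,
        "post_body": post_body,  # logged in full, as in the audit log feature
        "action": "deny" if hits else "allow",
        "matched_args": hits,
    }


# Constructed sample requests: (method, path, query string, POST body).
SAMPLES = [
    ("GET", "/script.php", "title=hello&content=%3Cb%3Ebold%3C%2Fb%3E", ""),
    ("GET", "/script.php", "title=%3Cb%3Ehi%3C%2Fb%3E&content=plain", ""),
    ("POST", "/script.php", "", "title=%3Ci%3Ex%3C%2Fi%3E&content=%3Cp%3Eok%3C%2Fp%3E"),
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(inspect(*sample))
```

The third sample is the case the thread stresses: markup arriving in `title` through a POST body is only caught because the body is decoded and inspected, while the same markup in `content` is let through.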