Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Whether this is about ha.ckers.org, sla.ckers.org or some other project you are interested in or want to talk about, throw it in here to get feedback. 

Current Page: 1 of 1
Results 1 - 2 of 2
4 years ago
rcbarnett
Yeah, this is re-enforcing what we already knew after discussing the translation of the default_filters.xml data into ModSecurity's rules language with Mario. While we have converted some of the normalization functions from the Converter.php code into ModSecurity SecRules, there are still some that we are missing (namely the conversion of various quotes into just double-qoutes) and thus some of t
Forum: Projects
6 years ago
rcbarnett
The biggest attack vector that this missing is argument data past in POST payloads. Mod_Rewrite does not have a variable for this data so it would only catch attacks passed in QUERY_STRINGS. So, if you have an app (such as Joomla, WordPress, etc...) that accepts POSTs then this defense will not work. Use ModSecurity - www.modsecurity.org - it is free and it allows for much better control over
Forum: News and Links
Current Page: 1 of 1