HiI have apache sat in front of some IIS servers to do some logging, they just pass the request over to IIS. I have an issue where there are sql injection attacks coming through and i wonder at the URL level can i filter these out and thrown them away at the apache level. I am checking through but it seems that 'VARCHAR' is being used in the attack but not in any valid URL - Is there any rewrite or similar to be able to mitigate this?
thanks --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|