httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tom Brown <...@ng23.net>
Subject [users@httpd] apache > iis asp > mssql
Date Tue, 15 Jul 2008 14:52:28 GMT
Hi

I have apache sat in front of some IIS servers to do some logging, they 
just pass the request over to IIS. I have an issue where there are sql 
injection attacks coming through and i wonder at the URL level can i 
filter these out and thrown them away at the apache level. I am checking 
through but it seems that 'VARCHAR' is being used in the attack but not 
in any valid URL - Is there any rewrite or similar to be able to 
mitigate this?

thanks


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message