[Modsecurity] Minor typo in rules.conf (N-20060419-01)
Kevin Bonner
keb at pa.net
Tue Sep 12 12:03:31 EDT 2006
On Monday 24 April 2006 17:25, Kevin Bonner wrote:
> Attached is a short patch for rules.conf to fix a typo discovered.
>
> Kevin Bonner
This typo still exists in the latest N-20060803-01 version. Is there a better
spot to report this and/or submit patches? The typo can be seen in the rule
below.
== rules.conf N-20060803-01 ==
#Generic PHP remote file injection
SecFilterSelective REQUEST_URI "!((galler(y|i)/do_command))" chain
SecFilterSelective REQUEST_URI "\.php\?.*=(http|http|ftp)\:/.*(cmd|command)="
== end rules.conf ==
The following should be an acceptable change:
SecFilterSelective REQUEST_URI "\.php\?.*=(ht|f)tps?\:/.*(cmd|command)="
Kevin Bonner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.gotroot.com/pipermail/modsecurity/attachments/20060912/2dd33307/attachment.bin
More information about the Modsecurity
mailing list