Showing 3 results for: July 2003 ×ModSecurity ×

Added Unicode encoding validation

I've just committed the Unicode validation feature to the CVS. It is a very good thing to have if the application or the operating system support and/or understand Unicode. Most importantly, this feature will protect from attacks where an ASCII...

Selective Filtering

I've just added a new feature to mod_security (CVS, both versions) that allows you to achieve a better control of what gets filtered. Up until now mod_security looked at every single request. Since most static resources (e.g. images) are not...

Fun with PHP CLI scripts

I've had quite a lot of "fun" with PHP CLI scripts the other day. As you perhaps know, there is an "exec" feature built into mod_security that allows you to execute some external binary in response to a filter match....