Blogs & Stories

SpiderLabs Blog

Attracting more than a half-million annual readers, this is the security community's go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.

Output filtering now in CVS

The new output filtering functions are now in CVS. I implemented this feature for Apache 2 first because of two reasons. First, this version supports the notion of input/output filters - making filtering work is simply a case of using the module API. In addition to that, I've been using mod_security as part of a reverse proxy for some time now and I really, really wanted it to be able to filter output.

As for Apache 1.x, well, I have a pretty good idea how I would be able to implement output filtering even without an API support. It is tricky, and I am not sure whether it will be portable (to Windows) but I'll give it a try.

To use output filtering, first turn it on by typing:

SecFilterOutput On

You are then free to apply filters against the output using a new selective filtering variable "OUTPUT". LIke this:

SecFilterSelective OUTPUT "some rude word"