Hi
I have apache sat in front of some IIS servers to do some logging, they
just pass the request over to IIS. I have an issue where there are sql
injection attacks coming through and i wonder at the URL level can i
filter these out and thrown them away at the apache level. I am checking
through but it seems that 'VARCHAR' is being used in the attack but not
in any valid URL - Is there any rewrite or similar to be able to
mitigate this?
thanks
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
