github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity

Document was not valid DocBook. Fixed.

Browse Source
This commit is contained in:
ivanr 2007-02-22 13:17:49 +00:00
parent 6ebecdb3e5
commit 98188bd9b5
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
doc/modsecurity2-apache-reference.xml
View File

@ -199,7 +199,7 @@
commented to allow it to be used as a step-by-step deployment guide for
ModSecurity. The latest Core Rules can be found at the ModSecurity
website - <link
linkend="???">http://www.modsecurity.org/projects/rules/index.html</link>.</para>
linkend="http://www.modsecurity.org/projects/rules/">http://www.modsecurity.org/projects/rules/</link>.</para>
</section>
<section>
@ -1009,7 +1009,7 @@ SecAuditLogStorageDir logs/audit
<para>Development of a state of the art external protection tool will be
a focus of subsequent ModSecurity releases. However, a fully functional
tool is already available as part of the Apache httpd tools project
(<link linkend="???">http://www.apachesecurity.net/tools/</link>). The
(<link linkend="http://www.apachesecurity.net/tools/">http://www.apachesecurity.net/tools/</link>). The
tool is called httpd-guardian and can be used to defend against Denial
of Service attacks. It uses the blacklist tool (from the same project)
to interact with an iptables-based (Linux) or pf-based (*BSD) firewall,
@ -1849,11 +1849,11 @@ SecRule HTTP_Host "!^$" "deny,<emphasis role="bold">phase:1</emphasis>"</program
slightly different name. In this case you can specify a regular
expression in the selection operator itself. The following rule will
look into all arguments whose names begin with <literal
moreinfo="none">id_</literal>: <programlisting format="linespecific">SecRule ARGS:/^id_/ dirty</programlisting><para>
<emphasis role="bold">Note</emphasis>
</para> In ModSecurity 1.X, the <literal>ARGS</literal> variable stood
moreinfo="none">id_</literal>: <programlisting format="linespecific">SecRule ARGS:/^id_/ dirty</programlisting></para>
<note><para>In ModSecurity 1.X, the <literal>ARGS</literal> variable stood
for <literal>QUERY_STRING</literal> + <literal>POST_PAYLOAD</literal>,
whereas now it expands to to individual variables.</para>
whereas now it expands to to individual variables.</para></note>
</section>
<section>