github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

Document was not valid DocBook. Fixed.

Browse Source
This commit is contained in:
ivanr 2007-02-22 13:17:49 +00:00
parent 6ebecdb3e5
commit 98188bd9b5
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
doc/modsecurity2-apache-reference.xml
View File

@ -199,7 +199,7 @@
commented to allow it to be used as a step-by-step deployment guide for commented to allow it to be used as a step-by-step deployment guide for
ModSecurity. The latest Core Rules can be found at the ModSecurity ModSecurity. The latest Core Rules can be found at the ModSecurity
website - <link website - <link
linkend="???">http://www.modsecurity.org/projects/rules/index.html</link>.</para> linkend="http://www.modsecurity.org/projects/rules/">http://www.modsecurity.org/projects/rules/</link>.</para>
</section> </section>
<section> <section>
@ -1009,7 +1009,7 @@ SecAuditLogStorageDir logs/audit
<para>Development of a state of the art external protection tool will be <para>Development of a state of the art external protection tool will be
a focus of subsequent ModSecurity releases. However, a fully functional a focus of subsequent ModSecurity releases. However, a fully functional
tool is already available as part of the Apache httpd tools project tool is already available as part of the Apache httpd tools project
(<link linkend="???">http://www.apachesecurity.net/tools/</link>). The (<link linkend="http://www.apachesecurity.net/tools/">http://www.apachesecurity.net/tools/</link>). The
tool is called httpd-guardian and can be used to defend against Denial tool is called httpd-guardian and can be used to defend against Denial
of Service attacks. It uses the blacklist tool (from the same project) of Service attacks. It uses the blacklist tool (from the same project)
to interact with an iptables-based (Linux) or pf-based (*BSD) firewall, to interact with an iptables-based (Linux) or pf-based (*BSD) firewall,
@ -1849,11 +1849,11 @@ SecRule HTTP_Host "!^$" "deny,<emphasis role="bold">phase:1</emphasis>"</program
slightly different name. In this case you can specify a regular slightly different name. In this case you can specify a regular
expression in the selection operator itself. The following rule will expression in the selection operator itself. The following rule will
look into all arguments whose names begin with <literal look into all arguments whose names begin with <literal
moreinfo="none">id_</literal>: <programlisting format="linespecific">SecRule ARGS:/^id_/ dirty</programlisting><para> moreinfo="none">id_</literal>: <programlisting format="linespecific">SecRule ARGS:/^id_/ dirty</programlisting></para>
<emphasis role="bold">Note</emphasis>
</para> In ModSecurity 1.X, the <literal>ARGS</literal> variable stood <note><para>In ModSecurity 1.X, the <literal>ARGS</literal> variable stood
for <literal>QUERY_STRING</literal> + <literal>POST_PAYLOAD</literal>, for <literal>QUERY_STRING</literal> + <literal>POST_PAYLOAD</literal>,
whereas now it expands to to individual variables.</para> whereas now it expands to to individual variables.</para></note>
</section> </section>
<section> <section>