Hi

I have apache sat in front of some IIS servers to do some logging, they
just pass the request over to IIS. I have an issue where there are sql
injection attacks coming through and i wonder at the URL level can i
filter these out and thrown them away at the apache level. I am checking
through but it seems that 'VARCHAR' is being used in the attack but not
in any valid URL - Is there any rewrite or similar to be able to
mitigate this?

thanks


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@(protected)
 "  from the digest: users-digest-unsubscribe@(protected)
For additional commands, e-mail: users-help@(protected)