On Jul 15, 2008, at 7:52 AM, Tom Brown wrote:

> I have apache sat in front of some IIS servers to do some logging,
> they just pass the request over to IIS. I have an issue where there
> are sql injection attacks coming through and i wonder at the URL
> level can i filter these out and thrown them away at the apache
> level. I am checking through but it seems that 'VARCHAR' is being
> used in the attack but not in any valid URL - Is there any rewrite
> or similar to be able to mitigate this?

Check out modSecurity http://www.modsecurity.org/

S.

--
Sander Temme
sctemme@(protected)
PGP FP: 51B4 8727 466A 0BC3 69F4 B7B8 B2BE BC40 1529 24AF