Welcome to MobyThreads.com!
FAQFAQ   SearchSearch      ProfileProfile    Private MessagesPrivate Messages   Log in/Register/PasswordLog in/Register/Password

regexp output filtering

  
   Web Hosting and Web Master Forums (Home) -> Apache RSS
Related Topics:
RegExp Basic Question - Hi there, I got a stupid problemn but I cannot get thru'. I would like to say in my regexp in a SetEnvIf clause that if my URI as the following format I want to set smthing. Thanx by advance Philippe

Web directory filtering - Hi, I have a Web Alias directory that contains 7 files called A1.txt, A2.txt, B1.txt, B2.txt, C1.txt ,C2.txt and Is there anyway for a user to specify a URL that will allow them to filter files in this directory when they are

Filtering Log Problems - I am currently having problems with Custom Logs under Apache 2.0.49 on Windows XP. I am trying to achieve one of the following : 1) Ignore all requests where the status code is 401 or 2) Capture only requests that have a User Name with them I am..

CONNECT filtering - Hi. I have noticed a large amount of the following in my logs - - +0800] 200 3505 0 Any to what is happening here? How do I..

mod_security : how to overwrite all rules without disablin.. - Hello! I'm some problems with my hosting; I can use a file to overwrite Apache settings, but they just added and a wide set of filtering rules (which I don't know and they don't tell me) which screw my site. If I add ..
Next:  Apache: ice  
Author Message
chris9999

External


Since: Nov 25, 2004
Posts: 1



(Msg. 1) Posted: Thu Nov 25, 2004 5:56 pm
Post subject: regexp output filtering
Archived from groups: alt>apache>configuration (more info?)
Hi,
I would like to filter the output content on a regexp base to avoid
confidential data to be sent to the user. For instance, if the data
contains "password is ...", replace it by "data not available". It can
be used too to prevent a hacker to obtain system informations via sql
injection for instance.
I've read about mod_ext_filter, but it's not suitable for performances
issues.
I'd like to use something like SetOutputFilter but don't know how to
set up a suitable filter.
Redirecting to a specific page would be nice too.

 >> Stay informed about: regexp output filtering 
Back to top
Login to vote
jring

External


Since: Jun 30, 2003
Posts: 154



(Msg. 2) Posted: Fri Nov 26, 2004 2:58 pm
Post subject: Re: regexp output filtering [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
 > I would like to filter the output content on a regexp base to avoid
 > confidential data to be sent to the user. For instance, if the data
 > contains "password is ...", replace it by "data not available". It can
 > be used too to prevent a hacker to obtain system informations via sql
 > injection for instance.
 > I've read about mod_ext_filter, but it's not suitable for performances
 > issues.
 > I'd like to use something like SetOutputFilter but don't know how to
 > set up a suitable filter.
 > Redirecting to a specific page would be nice too.

you want to look at ivan ristic's excellent mod_security. afaik it
does not allow to substitute stuff, but redirecting, throwing an error
or even shoot back at the culprit (bad idea, btw. for various reasons)
is possible. also you could also use it to prevent the sql-injection
before it takes place.

joachim<!-- ~MESSAGE_AFTER~ -->

 >> Stay informed about: regexp output filtering 
Back to top
Login to vote
Display posts from previous:   
   Web Hosting and Web Master Forums (Home) -> Apache All times are: Pacific Time (US & Canada) (change)
Page 1 of 1

 
 You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



[ Contact us | Terms of Service/Privacy Policy ]