ModSecurity Breach

ModSecurity Blog

Cookie parsing added

Now you can analyse cookies using new selective filtering variables (COOKIE_name, COOKIE_NAMES, COOKIE_VALUES). Even before this change it was possible to look at cookies (as cookies are just HTTP headers) but the functionality was limited. ModSecurity now parses cookies for you.

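Let's say you wanted to prevent XSS attacks via the PHP session cookie; this filter would make sure the cookie is in order by rejecting any request whose PHPSESSID value is not made up solely of digits and lowercase letters. The leading ! inverts the match, so the rule fires when the pattern does not match:

SecFilterSelective COOKIE_PHPSESSID "!^[0-9a-z]+$"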

COOKIE_NAMES and COOKIE_VALUES will examine all cookie names and values, respectively.
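
The two kinds of check described above (one named cookie against an allowlist pattern, and one pattern applied to every cookie value), as an added Python sketch that is not ModSecurity code and not from the original post. The `MARKUP` pattern, the function names, the sample headers, and the choice to let a request with no PHPSESSID cookie pass are assumptions of this example.

```python
import re

# Pattern from the post: digits and lowercase letters only, whole value.
SESSION_ID = re.compile(r"[0-9a-z]+")
# Assumption of this example: characters that matter if a cookie value
# is ever echoed into HTML.
MARKUP = re.compile(r"[<>\"']")

def parse_cookies(header):
    """Split a Cookie request header into (name, value) pairs, keeping duplicates."""
    pairs = []
    for part in header.split(";"):
        name, _, value = part.strip().partition("=")
        if name:
            pairs.append((name, value))
    return pairs

def violations(header, session_cookie="PHPSESSID"):
    """Return the reasons a request would be rejected; an empty list means pass."""
    found = []
    for name, value in parse_cookies(header):
        # Selective check on one named cookie (the COOKIE_PHPSESSID case):
        # reject when the value does NOT match the allowlist pattern.
        # Every occurrence is checked, so a duplicate cookie cannot slip by.
        if name == session_cookie and not SESSION_ID.fullmatch(value):
            found.append(f"{name}: not [0-9a-z]+")
        # Check applied to every value (the COOKIE_VALUES case).
        if MARKUP.search(value):
            found.append(f"{name}: markup character")
    return found

# Constructed sample Cookie headers, not captured traffic.
SAMPLES = [
    "PHPSESSID=8f3a9c1d2e77; theme=dark",
    "PHPSESSID=8f3a<script>alert(1)</script>",
    "PHPSESSID=8f3a9c1d2e77; PHPSESSID=x'y",
    "PHPSESSID=; theme=dark",
    "theme=\"><b>",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", violations(sample) or "pass")
```
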
