Apache Rewriting Rules - Safe patterns

Discuss the many weaknesses of browser security and ways to mitigate the threat

Apache Rewriting Rules - Safe patterns

Post by tmow on Fri Jun 17, 2011 3:54 pm
([msg=58658]see Apache Rewriting Rules - Safe patterns[/msg])

Hi all,

I'm going to check several Apache installations and I was wondering if there is a tool that I can use to test all the rewriting rules, against some typical, let's say unsafe, generic patterns.

If the tool doesn't exist, I think it's something feasible to implement, so the next question is, are you aware of any list of regular expressions/pattern, that can be used for this purpose?

If they don't exist and if you think it's feasible, can you please help me compiling this list?

Thanks in advance
A
tmow
New User
New User
 
Posts: 2
Joined: Thu Jun 16, 2011 4:52 pm
Blog: View Blog (0)


Re: Apache Rewriting Rules - Safe patterns

Post by JoeyPardella on Sat Jun 18, 2011 8:00 am
([msg=58688]see Re: Apache Rewriting Rules - Safe patterns[/msg])

it's not specifically apache but you'll find all the common IDS rules here:

https://demo.phpids.org/

also knows as the site where you can "practice your kung fu"
JoeyPardella
Experienced User
Experienced User
 
Posts: 81
Joined: Tue Jan 04, 2011 8:43 am
Blog: View Blog (0)


Re: Apache Rewriting Rules - Safe patterns

Post by tmow on Sat Jun 18, 2011 10:13 am
([msg=58691]see Re: Apache Rewriting Rules - Safe patterns[/msg])

JoeyPardella wrote:it's not specifically apache but you'll find all the common IDS rules here:

https://demo.phpids.org/

also knows as the site where you can "practice your kung fu"


Thanks Joey!
tmow
New User
New User
 
Posts: 2
Joined: Thu Jun 16, 2011 4:52 pm
Blog: View Blog (0)



Return to Web

Who is online

Users browsing this forum: No registered users and 0 guests