Welcome! Log In Create A New Profile

Advanced

Re: Block SQL Injection

April 20, 2011 04:24PM
On Wed, 2011-04-20 at 13:05 -0400, jacppe wrote:
> Hi all. Anybody know how can I block some characters for avoid SQL
> Injection using Nginx as web server o HTTP reverse-proxy?
> Thanks a lot.

You can't really, unless you write a custom module. Rewrite rules won't
help since they don't deal with the POST body. There may be some filter
module I'm unaware of that could do it, but I'd still suggest you don't.
It's much better to simply use software written by moderately capable
developers. SQL-injection is so trivial to avoid at the application
level that it's borderline unforgivable to find it in a modern web app.

Regards,
Cliff


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx
Subject Author Posted

Block SQL Injection

jacppe April 20, 2011 01:05PM

Re: Block SQL Injection

SplitIce April 20, 2011 01:26PM

Re: Block SQL Injection

Cliff Wells April 20, 2011 04:24PM

Re: Block SQL Injection

Ryan Malayter April 20, 2011 04:48PM

Re: Block SQL Injection

unclepieman April 20, 2011 05:10PM

Re: Block SQL Injection

Joe April 20, 2011 05:24PM

Re: Block SQL Injection

Cliff Wells April 20, 2011 06:12PM

Re: Block SQL Injection

unclepieman April 20, 2011 08:46PM

Re: Block SQL Injection

Cliff Wells April 20, 2011 09:38PM

Re: Block SQL Injection

unclepieman April 20, 2011 11:10PM

Re: Block SQL Injection

Cliff Wells April 20, 2011 11:32PM

Re: Block SQL Injection

edogawaconan April 20, 2011 11:42PM

Re: Block SQL Injection

Cliff Wells April 21, 2011 12:00AM

Re: Block SQL Injection

António P. P. Almeida April 20, 2011 05:44PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 115
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready