Welcome! Log In Create A New Profile

Re: Block SQL Injection

Forum List Message List New Topic Print View

Cliff Wells

April 20, 2011 04:24PM

Registered: 15 years ago
Posts: 288

On Wed, 2011-04-20 at 13:05 -0400, jacppe wrote:
> Hi all. Anybody know how can I block some characters for avoid SQL
> Injection using Nginx as web server o HTTP reverse-proxy?
> Thanks a lot.

You can't really, unless you write a custom module. Rewrite rules won't
help since they don't deal with the POST body. There may be some filter
module I'm unaware of that could do it, but I'd still suggest you don't.
It's much better to simply use software written by moderately capable
developers. SQL-injection is so trivial to avoid at the application
level that it's borderline unforgivable to find it in a modern web app.

Regards,
Cliff

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Reply Quote

RSS

Subject	Author	Posted
Block SQL Injection	jacppe	April 20, 2011 01:05PM
Re: Block SQL Injection	SplitIce	April 20, 2011 01:26PM
Re: Block SQL Injection	Cliff Wells	April 20, 2011 04:24PM
Re: Block SQL Injection	Ryan Malayter	April 20, 2011 04:48PM
Re: Block SQL Injection	unclepieman	April 20, 2011 05:10PM
Re: Block SQL Injection	Joe	April 20, 2011 05:24PM
Re: Block SQL Injection	Cliff Wells	April 20, 2011 06:12PM
Re: Block SQL Injection	unclepieman	April 20, 2011 08:46PM
Re: Block SQL Injection	Cliff Wells	April 20, 2011 09:38PM
Re: Block SQL Injection	unclepieman	April 20, 2011 11:10PM
Re: Block SQL Injection	Cliff Wells	April 20, 2011 11:32PM
Re: Block SQL Injection	edogawaconan	April 20, 2011 11:42PM
Re: Block SQL Injection	Cliff Wells	April 21, 2011 12:00AM
Re: Block SQL Injection	António P. P. Almeida	April 20, 2011 05:44PM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 298

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018