r1 - 15 Feb 2007 - 16:13:09 - ChristianFolini

Rule Discussion "Individual Header Check"

The individual header check makes sure that an individual header is either

  • not present,
  • or, if it is present, matches our pattern.

An example looks as follows:

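  # Checking request header "Referer"
  # Line 1: header count is not 0 (header is present); carries the deny action
  SecRule &HTTP_Referer "!^0$" "chain,t:none,deny,id:2,status:501,severity:3,msg:'Request header Referer failed validity check.'"
  # Line 2: header value does not match the pattern (here only .*)
  SecRule HTTP_Referer "!^(.*)$" "t:none"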

The first line of this chained rule checks whether the number of header lines for this header is not equal to 0. This means we check for the presence of the header. On the second line of this chained rule, we check the header for compliance. Here the pattern is only .*, but it can be any regex.

If the second line triggers, the deny action on the first line comes into effect.
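The decision logic of the chained rule, written out as an added Python model (not code from this page and not ModSecurity's own engine). The function name, the sample requests and the `STRICT` allow-pattern are assumptions made for illustration; the model evaluates the negated pattern once per header line, so one non-compliant duplicate is enough to deny.

```python
import re

DENY_STATUS = 501  # status used by the rule on the page


def individual_header_check(headers, name, pattern):
    """Model of the chained rule's decision for one request.

    headers: list of (name, value) tuples, one per header line.
    name:    header to check (case-insensitive, as in HTTP).
    pattern: inner regex; wrapped as ^(pattern)$ like the rule on the page.
    Returns DENY_STATUS if the request would be denied, else None.
    """
    values = [v for (n, v) in headers if n.lower() == name.lower()]

    # Line 1 of the chain: header count is not 0, i.e. the header is present.
    if len(values) == 0:
        return None  # absent header: chain stops, request passes

    # Line 2 of the chain: negated regex, evaluated per header line.
    # It triggers as soon as one value does NOT match the pattern.
    rx = re.compile(r"^(%s)$" % pattern)
    for value in values:
        if rx.search(value) is None:
            return DENY_STATUS  # both chain links matched: deny applies
    return None


# Constructed sample requests (not from the page).
SAMPLES = {
    "absent": [("Host", "www.example.com")],
    "valid": [("Referer", "https://www.example.com/index.html")],
    "invalid": [("referer", "javascript:void(0)")],
    "duplicate": [("Referer", "https://www.example.com/a"),
                  ("Referer", "http://other.invalid/")],
}
STRICT = r"https://www\.example\.com/[\w./-]*"  # assumed allow-pattern

if __name__ == "__main__":
    for label, hdrs in SAMPLES.items():
        print(label, individual_header_check(hdrs, "Referer", STRICT),
              individual_header_check(hdrs, "Referer", ".*"))
```

With the placeholder pattern `.*` every sample passes, which shows that the rule only starts to enforce anything once a real pattern is put on the second line.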
