|
|
|
|
|
|
by _pmf_
3215 days ago
|
|
|
> and may in fact be a symptom of deeper string-validation issues It may also be a sign that there's a very early filtering stage that drops request at a very remote edge, which is a very good thing to do. See [0]; basically, you configure your server to completely drop requests that contain any character that has any possibility of being suspicious. [0] http://twiki.org/p/pub/Support/ConfigureFailsOnNext/mod_secu... |
|
|