Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
timer SALE ENDS IN
0 Days
:
00 Hours
:
00 Minutes
:
00 Seconds
Arrow up icon
GO TO TOP
ModSecurity 2.5

You're reading from   ModSecurity 2.5 Prevent web application hacking with this easy to use guide

Arrow left icon
Product type Paperback
Published in Nov 2009
Publisher Packt
ISBN-13 9781847194749
Length 280 pages
Edition 1st Edition
Arrow right icon
Toc

Table of Contents (17) Chapters Close

ModSecurity 2.5
Credits
About the Author
About the Reviewers
1. Preface
1. Installation and Configuration 2. Writing Rules FREE CHAPTER 3. Performance 4. Audit Logging 5. Virtual Patching 6. Blocking Common Attacks 7. Chroot Jails 8. REMO 9. Protecting a Web Application Directives and Variables Regular Expressions Index

More about collections


Let's look at some more things that can be done with collections, such as counting the number of items in a collection or filtering out collection variables using a regex.

Counting items in collections

You can count the number of items in a collection by prefixing it with an ampersand (&). For example, the following rule matches if the client does not send any cookies with his request:

SecRule &REQUEST_COOKIES "@eq 0"

You can also use the count operator to make sure that a certain field in a collection is present. If we wanted a rule to match if the User-Agent header was missing from a request we could use the following:

SecRule &REQUEST_HEADER:User-Agent "@eq 0"

The above will match if the header is missing. If instead there is a User-Agent header but it is empty the count operator would return 1, so it is important to be aware that there is a difference between a missing field and an empty one.

Tip

It is perfectly valid for a query string or POST request to...

You have been reading a chapter from
ModSecurity 2.5
Published in: Nov 2009
Publisher: Packt
ISBN-13: 9781847194749
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime