Matching numbers
Both regular expressions and the simple string matching operators work on character strings. As we saw in a previous example, using a regex to match against numbers can be error-prone, and regular expressions can often be cumbersome when you want to match against numbers. ModSecurity solves this problem by providing us with operators that can be used to compare numbers when we know that the arguments we are examining are numeric.
The following are the numerical operators ModSecurity provides:
|
Operator |
Description |
|---|---|
|
@eq?
|
Matches if the variable contains a number that is equal to the specified value. Example:
SecRule RESPONSE_STATUS "@eq 200"
This rule matches if the response code is 200. |
|
@ge?
|
Matches if the variable contains a number that is greater than or equal to the specified value. Example:
SecRule RESPONSE_STATUS "@ge 400"
This rule matches if the response code is greater than or equal to 400. Since error codes are defined as having an HTTP status code... |
