On 2019-10-18 13:57, P.V.Anthony wrote: > Like netsec and using "if" in the config.
The `if' part should be fine. The problem would be someone crafting a URL that skips past the `=' check and yet is still parsed as `id=2' by the underlying app. Can the underlying old app also be changed to log an attack, and throw a 444 when it gets an `id' set to 2? Patrick _______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
