John Hardin wrote:
On Mon, 8 Mar 2010, Ned Slider wrote:
So I've refined the rule to specifically exclude hitting on the
sequence ../. which stops the rule triggering on multiple relative paths.
uri LOCAL_URI_HIDDEN_DIR /(?!.{6}\.\.\/\..).{8}\/\../
How about:
uri LOCAL_URI_HIDDEN_DIR m;.{8}/\..(?!/);
Yes, that works too on my examples and is probably a more elegant
solution than mine :-)
John - are you able to try this rule in your sandbox and do mass checks?
I'd be interested to see how it scores.
