Not signed in (Sign In)

  • Subscribe

    • Feed

PHPIDS filters: Select specific filters (or class) per field

Bottom of Page

1 to 2 of 2

  1.  
    • CommentAuthorJustin
    • CommentTimeJul 23rd 2010
     
    Hey all,

    PHPIDS is very useful, I appreciate all the work you guys are putting in.

    I'm running into an interesting issue. I have a string that detects as a directory traversal. I know that the string is not a directory traversal. I also know that the particular field it comes in on is not vulnerable to directory traversal attacks. This field is vulnerable to other attacks, and other fields on my system may be vulnerable to directory traversal.

    Is there any way to turn off certain rules for certain fields? Maybe even turn them on and off by class (so in this case, we'd turn off any rules with the dt tag for this one field).

    If not, would you accept a patch? If so, we should discuss how you would want that kind of information to be configured by the user.

    Thanks!
    •  
      CommentAuthor.mario
    • CommentTimeAug 5th 2010
     
    We don't have field<->rule based exceptions so far - but a patch would be welcome!

1 to 2 of 2

  1.