IIS - Microsoft Internet Information Services

HomeForums

Browse by Tags

All Tagssql injectionURlScan SQL Injection (RSS)

  • URLScan 3.0 RTW: [AlwaysAllowedQueryStrings]

    Doing some testing, currently, and running into some issues with this. We've got a couple cases where things like 'cast' or 'open' are appropriate for our webpages. I've setup an AlwaysAllowedQueryStrings section: [AlwaysAllowedQueryStrings] branch=Openshaw branch=Newcastle+upon...
    Posted to Forum by jgraham on 09-02-2008, 9:46 AM

  • Re: UrlScan 3.0 Beta not capturing SQL Injection

    Rovastar, I can confirm that the workaround that KentZhou posted works. I have included below the contents of the RuleList section in the UrlScan.ini as I have it in my test box. After changing the rule though I issued an iisreset /restart command before I tested so the UrlScan.ini's settings were...
    Posted to Forum by apajlopez on 08-18-2008, 8:51 AM
Page 1 of 1 (2 items)

Powered by IIS7   Powered by ASP.NET 2.0

Copyright © 2008 Microsoft Corporation. All Rights Reserved. | Terms of Use | Privacy Statement | About our Team
Questions/Problems with www.iis.net? | Interested in Advertising with us? | Hosted by OrcsWeb | Ads served by BanManPro

Page view counter