Can I block sql injecton attack using urlscan?

From: joonh lee <fruupp(at)empal.com>
Date: Tue Apr 22 2003 - 05:08:40 EDT

('binary' encoding is not supported, stored as-is)

Hi..
I want to block sql injection attack..
My server has vulnerability about this..-_-;;

Some people say remedy the source..but I can't do that.-_-;; It's not my source so It will take many time i think..

So I tried to block sql injection attack using urlscan.. But urlscan couldn't filter urlsequences after "?".

This is is my DenyUrlSequences^^
' ; Prevent SQL injection
-- ; Prevent Sql Injection

Who has good idea about blocking this?
Please tell me how to do that..^^

have a good day Received on Tue Apr 22 10:02:47 2003