我想在IIS 6上使用UrlScan阻止用户代理.但是,我无法在字符串中指定带有分号的用户代理.我认为这是一个非常常见的情况,但是我无法在UrlScan.ini(其中使用分号进行注释)中找到任何有关如何转义分号的答案. 这是规则:
I want to block user-agents with UrlScan on IIS 6. However I am not able to specify a user-agent with a semicolon in the string. I think this is a very common scenario, but I can't find any answer on how to escape a semicolon in UrlScan.ini (where semicolon are used for commenting). This is the rule:
RuleList=DenyUserAgent [DenyUserAgent] DenyDataSection=AgentStrings ScanHeaders=User-Agent [AgentStrings] Mozilla/5.0 (Windows NT 5.1; rv:6.0) Gecko/20100101 Firefox/10.0.2我对其进行了测试,它阻止了所有以"Mozilla/5.0(Windows NT 5.1)"开头的用户代理,因为它会将字符串的其余部分视为注释.
I tested it and it blocks all the user-agents that start with "Mozilla/5.0 (Windows NT 5.1" because it considers the rest of the string as a comment.
推荐答案似乎您需要对URL进行转义,即%3B
It seems like you would need to URL escape it, i.e. %3B
请参见 learn.iis/page.例如:aspx/476/common-urlscan-scenarios/;他们有一个这样的例子,就是在查询字符串中使用分号来阻止SQL注入攻击
See learn.iis/page.aspx/476/common-urlscan-scenarios/ for examples; one such example they have is blocking semicolon in the querystring to block a SQL injection attack
更多推荐
在UrlScan.ini中使用分号指定字符串
发布评论