Page 1 of 1

UNION/CLIKE Detection: Any ideas?

Posted: Thu Feb 10, 2005 9:37 am
by Maugrim_The_Reaper
Beside securing the usual validation of vars and proper escaping - wondering if there are any known methods of detecting these attacks when passed through GET/POST?

I've come across the usual preg_match on "UNION" or "%20UNION%20" but if there's a more in-depth check it's be appreciated.

Same for CLIKEs :)

At the moment my scripts appear well prepared - but I'd like to track such attempts in any case - just to see what peeps are trying on my server...

Posted: Thu Feb 10, 2005 9:41 am
by feyd
given the right escapement utility, it shouldn't matter if they submit such requests. If this isn't for a programming site, then you may want to look at enabling/installing mod_security (if you are running apache)