Can IIRF Match against POST variables?

Topics: Developer Forum, User Forum
May 26, 2008 at 12:42 AM
Hi we are being attacked by Arabian hackers and I thought I could use IIRF to block the attacks, I can do the GET rewrites but the attack can also come VIA a POST request, is there anyway to match against POST form content/variables?

I can't see anything in the Server Variable References so I am guessing it's avoided due to form content size or ISAPI restrictions, but it would be good to know!

I think I could do this with mod_security on apache, I wonder if there's an IIS ISAPI port....

May 30, 2008 at 11:25 PM
IIRF works on URLs only.  Not on POST Data.
You'll need a different tool for that.
May 31, 2008 at 12:13 AM
Thanks Cheeso we had blocked the attacks at application level by this time.