LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 06-02-2014, 02:30 PM   #1
madunix
LQ Newbie
 
Registered: Oct 2003
Posts: 25

Rep: Reputation: 0
SQLi


Is it possible to block sql injection string accessing the web server http/https by using iptables?

-mad
 
Old 06-02-2014, 04:05 PM   #2
Ser Olmy
Senior Member
 
Registered: Jan 2012
Distribution: Slackware
Posts: 3,333

Rep: Reputation: Disabled
Not really. iptables work at the network and transport layer, but what you want to do is inspect application level traffic and look for SQL commands. A reverse proxy would be a better approach.

(IMHO, the best way to prevent SQL injection is to make sure the web application doesn't have that vulnerability in the first place. That's pretty easy to do with stored procedures. You really don't want the application to build SQL query strings manually, and certainly not using client-supplied data.)
 
Old 06-03-2014, 06:20 PM   #3
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
...additionally also see mod_security (and maybe products like GreenSQL, Guardium and alternatives).
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 10:20 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration