Hi all. Anybody know how can I block some characters for avoid SQL
Injection using Nginx as web server o HTTP reverse-proxy?
Thanks a lot.
You can't really, unless you write a custom module. Rewrite rules won't
help since they don't deal with the POST body. There may be some filter
module I'm unaware of that could do it, but I'd still suggest you don't.
It's much better to simply use software written by moderately capable
developers. SQL-injection is so trivial to avoid at the application
level that it's borderline unforgivable to find it in a modern web app.