# Scrubbing patterns: regular expressions keyed scrub.pattern.N.
# The component that loads and applies them is not shown here; presumably they
# are matched against incoming request values -- confirm against the consumer.
#
# NOTE(review): this is a deny-list. It is a secondary control only; the SQL,
# mail and template sinks behind it still need parameterised queries, header
# validation and safe template evaluation.
# NOTE(review): every keyword below is lower-case. Confirm that the consumer
# compiles these patterns case-insensitively.
# NOTE(review): if this file is read with java.util.Properties, a backslash
# before an ordinary character is dropped on load (\s would arrive as s) and
# \r / \n are turned into literal CR / LF. Confirm that the loader delivers the
# patterns to the regex engine exactly as written.

# "convert" or "cast", later an opening parenthesis, later a SQL type name.
# The type names have no word boundaries and both gaps are ".*", so ordinary
# text can match (e.g. "forecast (printed)"); expect false positives.
scrub.pattern.1=(convert|cast).*\(.*(int|bigint|smallint|tinyint|bit|decimal|numeric|money|smallmoney|float|real|char|varchar|text|nvarchar|nchar|ntext|binary|varbinary|image|cursor|variant|table|timestamp)
# "exec" / "execute", whitespace, an optional word, then an opening parenthesis.
scrub.pattern.2=exec\s+\w*\s?\(
scrub.pattern.3=execute\s+\w*\s?\(
# CR or LF followed on the same line by "cc:", "bcc:", "Content-Type" or
# "MIME-Version" (the last two followed by any character other than an
# upper-case letter): injected mail headers.
scrub.pattern.4=(\r|\n).*((b)?cc\:|Content-Type[^A-Z]|MIME-Version[^A-Z])
# One or more ";" or "'" followed by a SQL statement keyword, or by "exec" and
# a procedure name starting with sp_ or xp_.
scrub.pattern.5=(;|')+\s*(union|select|insert|update|delete|drop|grant|declare|truncate|exec\s(sp_|xp_))
# Two consecutive "@" characters (the prefix of T-SQL global variables).
# Matches any value containing "@@", whatever the context.
scrub.pattern.6=@@
# "and"/"or" followed by a <digits>=<digits> comparison and a later "--"
# comment marker.
scrub.pattern.7=(and|or)\s+\d+=\d+.*--
# Digits, a single quote, then the literal text A=0.
scrub.pattern.8=\d+'A=0
# "select 1 from" / "select * from", with optional whitespace.
scrub.pattern.9=select\s*(1|\*)\s*from
# "union all" / "union select".
scrub.pattern.10=union\s+(all|select)
# "select" followed by 1, char, concat or load_file.
scrub.pattern.11=select\s*(1|char|concat|load_file)
# Disabled: the bare "${" pattern below was too aggressive and stopped the bid
# application from working.
#scrub.pattern.12=\$\s*{
# "$", optional whitespace, "{" ... "}", unless the text right after "{" starts
# with bidLineId.
# NOTE(review): the lookahead is a prefix check. Confirm that this is what the
# bid application needs, or tighten it to the exact placeholder.
scrub.pattern.12=\$\s*{(?!bidLineId).*}

# URLs that are only warned about on POST (per the original note; the
# enforcement logic is not shown here).
# The pattern is anchored at the start only: it accepts http and https, the
# listed hosts, and any path that begins with /M followed by optional digits.
warn.only.url.pattern.1=^https?://(richs|www)\.(fslibrary|dmlibrary|onlinecarma|ez2edit|mafsilibrary)\.com/M\d*

# "Funny" IP address (disabled entry; what the setting does is not shown here).
#funny.ip=192.168.101.103