When in the Edit Filtering Rule dialog in IIS, is the case of the string, e.g. cast(
important?
We're seeing SQL injection attack attempts that have the string in various combinations of upper- and lower-case, like cAsT(
. Do we need to be specific? I would expect that the module doesn't expect one to think of all the possible combinations but I can't find it clearly stated as the case in any of the online re