Querystringler için aşağıdaki fonksiyonu kullanabilirsiniz.

'************************************************* **************
Dim Web_SqlInject
Web_SqlInject = "select,insert,update,delete,having,',+,union,`,<, >,database,md5,substring,drop,SELECT,INSERT,UPDATE ,DELETE,HAVING,UNION,DATABASE,MD5,SUBSTRING,DROP,% 27,[query]"

'************************************************* **************


'************************************************* **************
Dim qstr
qstr = request.servervariables("QUERY_STRING")
If isSQLInject(qstr) = True Then
response.redirect "https://www.xxx.com/"
End If

'************************************************* **************
Function isSQLInject(StrPara)
isSQLInject = False
If IsNull(StrPara) Then Exit Function
SqlInject = Split(Web_SqlInject, ",")
For ik = 0 To UBound(SqlInject)
If InStr(LCase(StrPara), LCase(SqlInject(ik))) <> 0 Then
isSQLInject = True
Exit For
End If
Next
End Function
'************************************************* **************