Can I block sql injecton attack using urlscan?

[joonh lee <fruupp () empal com>]

Hi..
I want to block sql injection attack..
My server has vulnerability about this..-_-;;

Some people say remedy the source..but I can't do that.-_-;;
It's not my source so It will take many time i think..

So I tried to block sql injection attack using urlscan..
But urlscan couldn't filter urlsequences after "?".

This is is my DenyUrlSequences^^
' ; Prevent SQL injection 
-- ; Prevent Sql Injection

Who has good idea about blocking this?
Please tell me how to do that..^^

have a good day