"With it you could write some rules to deny any HTTP request that contains any login credentials:"
Where do I go to understand how to create such rules? I'm not very knowledgeable about structure of rules; I've only created ACLs that block websites (launch.yahoo.com; gator.com; these are very simple and straightforward). A resource for designing them would be wonderful. TIA!
