[mod-security-users] protect 3rd party API block everything only allow specific calls to the api wi

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi there,

So it happens we have a 3rd party API provider that we need to expose, the
API is quite extensive, we would like to basically block every single call
to the API except for a very specific call with some specific parameters,
for example

block something like this
curl -s -d "<config classId='c' cookie='xx'  />"
and allow only something like this
curl -s -d "<setup classId='x' cookie='xx'  />"

we have the full API reference so we could have one rule per api call that
we want to block, what would be the best way to achieve this ?  on modsec 2
?

Thanks in advance

[mod-security-users] protect 3rd party API block everything only allow specific calls to the api wi

[mod-security-users] protect 3rd party API block everything only allow specific calls to the api with specific parameters