|
From: Christian F. <chr...@ne...> - 2018-10-09 03:40:31
|
Hello Ivan, That sounds like a call for a whitelisting rule set. You can take my basic recipe in tutorial 6, step 8 as a base and adopt as needed: https://www.netnea.com/cms/apache-tutorial-6_embedding-modsecurity/ Working with XML is a bit tricky and I have not really done whitelist extensively. So I am not sure you can really address each parameter accordingly for whitelisting through ModSec. But it's a start. Good luck! Christian On Tue, Oct 09, 2018 at 09:28:14AM +1100, Ivan Rodriguez wrote: > Hi there, > > So it happens we have a 3rd party API provider that we need to expose, the > API is quite extensive, we would like to basically block every single call > to the API except for a very specific call with some specific parameters, > for example > > block something like this > curl -s -d "<config classId='c' cookie='xx' />" > and allow only something like this > curl -s -d "<setup classId='x' cookie='xx' />" > > we have the full API reference so we could have one rule per api call that > we want to block, what would be the best way to achieve this ? on modsec 2 > ? > > Thanks in advance > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ |
