Hello
This rule might be helpful when you use Apache (as proxy) with modsecurity
SecRule REQUEST_URI "@beginsWith /api/" \
"id:'000002', \
phase:1, \
t:none, \
setvar:'tx.allowed_methods=GET POST PUT DELETE', \
setvar:'tx.allowed_request_content_type=application/json', \
nolog, \
pass"
It allows GET POST PUT DELETE methods and application/json content type to access API
interesting. where would this code be placed
Hello
This rule might be helpful when you use Apache (as proxy) with modsecurity
It allows
GET POST PUT DELETEmethods andapplication/jsoncontent type to access API