Trustwave Knowledge Base

KB Home Search Latest Additions Most Popular

HOWTO: Disabling JSON Requests in Modsec

To disable JSON, disable the rule that enables the JSON body processor. This rule is included in the recommended configuration file for ModSecurity.

SecRuleREQUEST_HEADERS:Content-Type "application/json""id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON"

Use the SecRuleRemoveById 200001 directive to disable this rule.

For more information about how to apply the directive, see the related articles listed below.

To contact Trustwave about this article or to request support:

Create a case through the support portal (U.S. Government customers, use the TGS support portal).
Call us on a local phone number.

Rate this Article:


	Q19482 HOWTO: ModSecurity Exception Handling - Explicitly Remove a Rule ID
	Q20056 HOWTO: ModSecurity Exception Handling - Conditionally Remove a Rule ID

Comment submission is disabled for anonymous users.
Please send feedback to Trustwave Technical Support or the Webmaster.

Execution: 0.031. 10 queries. Compression Disabled.