Using ModSecurity

ModSecurity is a popular open source web application firewall that can be used in conjunction with the Apache and Nginx web servers. When leona is configured behind a web server that uses ModSecurity, certain configuration changes must be made.

Some distributions (for example RHEL 7.x) ship with older rule sets that do not allow the MIME type application/json to be used in requests. This can be fixed by overriding the variable tx.allowed_request_content_type so that its list includes application/json:

# Allow application/json
SecRule REQUEST_URI "@beginsWith /" \
   "id:'000001', \
   phase:1, \
   t:none, \
   setvar:'tx.allowed_request_content_type=application/x-www-form-urlencoded|multipart/form-data|text/xml|application/xml|application/x-amf|application/json|application/octet-stream', \
   nolog, \
   pass"
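
To confirm that a rule file really ends up allowing JSON, the following added example (not part of the leona documentation or of ModSecurity) reads the effective tx.allowed_request_content_type list out of configuration text and checks a Content-Type value against it. It assumes that the last assignment in file order wins and that the media type is compared without its parameters; the older default list and its rule id are constructed for illustration.

```python
import re

# Constructed stand-in for an older default list without application/json
# (the rule id 999001 and the exact list are assumptions for illustration).
OLD_DEFAULT = r'''
SecAction \
   "id:'999001', phase:1, t:none, \
   setvar:'tx.allowed_request_content_type=application/x-www-form-urlencoded|multipart/form-data|text/xml|application/xml|application/x-amf', \
   nolog, pass"
'''

# The override rule from this page.
PAGE_RULE = r'''
# Allow application/json
SecRule REQUEST_URI "@beginsWith /" \
   "id:'000001', \
   phase:1, \
   t:none, \
   setvar:'tx.allowed_request_content_type=application/x-www-form-urlencoded|multipart/form-data|text/xml|application/xml|application/x-amf|application/json|application/octet-stream', \
   nolog, \
   pass"
'''

SETVAR_RE = re.compile(
    r"setvar:'?tx\.allowed_request_content_type=([^',\"\s]+)", re.IGNORECASE)


def allowed_types(conf):
    """Return the list set by the last assignment in file order, or None."""
    joined = re.sub(r"\\\r?\n[ \t]*", "", conf)  # merge backslash continuations
    active = "\n".join(line for line in joined.splitlines()
                       if not line.lstrip().startswith("#"))  # skip comments
    values = SETVAR_RE.findall(active)
    if not values:
        return None
    return [t.lower() for t in values[-1].split("|") if t]


def is_allowed(content_type_header, conf):
    """Check a Content-Type header value against the configured list."""
    types = allowed_types(conf)
    media = content_type_header.split(";", 1)[0].strip().lower()  # drop charset etc.
    return types is not None and media in types


if __name__ == "__main__":
    for name, conf in (("old default", OLD_DEFAULT),
                       ("with page rule", OLD_DEFAULT + PAGE_RULE)):
        print(name, is_allowed("application/json; charset=utf-8", conf))
```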
