Can mod_security be used to inspect post variables? It looks like I can through turning SecRequestBodyAccess. I would like to check the username POST field from a form in wp-login.php. If it's value is "admin", I want to return an error and block the IP address for 10 minutes.
I've seen mod_security rules to block an IP for multiple incorrect logins but I would like to catch it before it utilizes PHP or any database requests.
Best Answer
First enable json parser through this statement:-
and then use the following statement: