I know I can inspect GET query string parameters in rewritecond as follows:
RewriteCond %{REQUEST_URI} ^/somepath/somepath
RewriteCond %{REQUEST_METHOD} GET
RewriteCond %{QUERY_STRING} try=3
RewriteCond %{QUERY_STRING} name=([^&]*)
RewriteRule ^/somepath/somepath(.*) /otherpath/otherpath?name=%1 [R]
How do I inspect POST parameters that are in the request body? I hear mod_security can do it, but I'm not finding any examples of how I'd use mod_security in conjunction with mod_rewrite like the above example.
I intend to use something like this to handle POSTs:
RewriteCond %{REQUEST_URI} ^/somepath/somepath
RewriteCond %{REQUEST_METHOD} POST
RewriteRule ^/somepath/somepath(.*) /otherpath/otherpath [PT]
...except that I need a RewriteCond that inspects the POST parameters to see if "try=3".
Can modsecurity inspect the request body and load the result of that inspection in an environment variable? that would work...
You can't inspect the request body using mod_rewrite.
You may have to rewrite POST requests to a script if that's something that you can do. Browser's aren't always going to resend POST data if you redirect them.