Skip to content
A module for ModSecurity to allow GWT-RPC payload parsing
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.


mod_gwtrpc is an extension for ModSecurity to allow GWT-RPC payload parsing.

Since GWT-RPC payload is a serialization of Java objects, mod_gwtrpc can not (and don't need to) deserialize these objects in C.

mod_gwtrpc assumes that any value do not match to data-type format is an user input value.

For example :


The payload passed to ModSecurity is:


Only GWT-RPC v7 is tested. You can modify the code yourself in order to make it work well with other versions of GWT-RPC and other payload formats.


If you do not have apxs installed, install it first.

Compile as a normal user:

apxs -I <ModSecurity_source_path> -I /usr/include/libxml2 -ca mod_gwtrpc.c

Install as a super user:

sudo apxs -i

Using the module

Once mod_gwtrpc is built and installed, you can load it like any other Apache module, but it must be loaded after the module:

#Load mod_security module

LoadModule security2_module modules/

#Load mod_gwtrpc module

LoadModule gwtrpc_parser_module modules/

Write a phase 1 rule to set the parser:

SecRule REQUEST_HEADERS:Content-Type "gwt/x-gwt-rpc?" "id:'1994',phase:1,pass,nolog,ctl:requestBodyProcessor=GWTRPC"

Any request that matches GWT-RPC content-type will be processed by mod_gwtrpc.


Feel free to open an issue here for any problems.

Thanks !

You can’t perform that action at this time.