Modsecurity with rule from OWASP rule set, make security very strict, sometimes modsecurity flag false positive in content that we post in form.

To whitelist the spesific path, we can add on modsecurity.conf to whitelist those path or spesific url.

We are on ubuntu server 22.04 with nginx and modsecurity installed and owasp rule in /etc/nginx/conf/owasp-crs/.

sudo nano /etc/nginx/conf/owasp-crs/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf

and add this line in the bottom of the file

SecRule REQUEST_URI "@beginsWith /ptickets" "id:932130,phase:1,log,allow,ctl:ruleEngine=off

This mean :

Request URI begin with /ptickets will be ignored in modsecurity with rule id is 932130. Rule id 932130 is rule on OWASP for prevent Remote Code Execution on our website and it's need to be unique.

Don't forget to reload our nginx server to take effect :

sudo service nginx reload

Thank you very much, hope this post is useful and give us some love!