- You need to debug why your URL got blocked, and to get the firewall rule id.
- use the following command line :
sudo tail -f /var/log/apache2/modsec_audit.log- This will monitor the blocked requests.
- Hit the URL again to check the logs and see why it got blocked , and you will get something like the following
- Use this Id and the URI you need to exclude and add it to the following file
/etc/apache2/mods-enabled/security2.conf
nano /etc/apache2/mods-enabled/security2.conf<LocationMatch "/assessments/update">
<IfModule security2_module>
SecRuleRemoveById 911100
</IfModule>
</LocationMatch>between <IfModule> </IfModule>
- Restart Apache
systemctl restart apache2