- You need to debug why your URL got blocked, and to get the firewall rule id.
- use the following command line :
sudo tail -f /var/log/apache2/modsec_audit.log
- This will monitor the blocked requests.
- Hit the URL again to check the logs and see why it got blocked , and you will get something like the following
- Use this Id and the URI you need to exclude and add it to the following file
<LocationMatch "/assessments/update"> <IfModule security2_module> SecRuleRemoveById 911100 </IfModule> </LocationMatch>
between <IfModule> </IfModule>
- Restart Apache
systemctl restart apache2