From 78ff62c735d3231807ac2878be051db3a8571daf Mon Sep 17 00:00:00 2001
From: ale <ale@incal.net>
Date: Mon, 5 Oct 2020 18:06:38 +0100
Subject: [PATCH] Disable Modsec on saving custom css

---
 .../crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf          | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/conf/modsecurity/crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf b/conf/modsecurity/crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
index 2af6211..f09548a 100644
--- a/conf/modsecurity/crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
+++ b/conf/modsecurity/crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
@@ -16,9 +16,10 @@ SecRule REQUEST_URI "@beginsWith /wp-admin/site-health.php" \
     nolog,\
     ctl:ruleEngine=Off"
 
-SecRule REQUEST_URI "@beginsWith /wp-admin/themes.php" \
+SecRule REQUEST_FILENAME "@endsWith /wp-admin/themes.php" \
     "id:1002,\
+    phase:2,\
     pass,\
     nolog,\
-    ctl:ruleRemoveByTag=attack-xss"
+    ctl:ruleRemoveTargetByTag=CRS;ARGS:newcontent"
 
-- 
GitLab