From b1537660d37e3aee681399973e06bc0e97e40df2 Mon Sep 17 00:00:00 2001
From: ale <ale@incal.net>
Date: Mon, 17 Aug 2020 11:14:22 +0100
Subject: [PATCH] Add another common modsec false positive

---
 .../crs/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf          | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/conf/modsecurity/crs/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf b/conf/modsecurity/crs/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf
index 9b7839b..bca7c57 100644
--- a/conf/modsecurity/crs/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf
+++ b/conf/modsecurity/crs/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf
@@ -16,10 +16,13 @@ SecRuleRemoveById 950130
 # XSS rules that have too many false positives.
 SecRuleRemoveById 941160
 SecRuleRemoveById 941180
-SecRuleRemoveByID 953120
 
 # ModSec Rule Exclusion: 920273 : Invalid character in request (outside of very strict set)
 # ModSec Rule Exclusion: 942432 : Restricted SQL Character Anomaly Detection (args): 
 # number of special characters exceeded (2) (severity:  NONE/UNKOWN)
 SecRuleRemoveById 920273
 SecRuleRemoveById 942432
+
+# Presence of PHP code in the output
+SecRuleRemoveByID 953110
+SecRuleRemoveByID 953120
-- 
GitLab