From 6c8e6210ebb2f9460212162220f057b26b79714a Mon Sep 17 00:00:00 2001
From: ale <ale@incal.net>
Date: Mon, 15 Jan 2024 20:08:39 +0000
Subject: [PATCH] Disable mod_sec enforcement on customize.php

---
 .../crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf         | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/docker/conf/modsecurity/crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf b/docker/conf/modsecurity/crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
index 9495f7be..4a3d0b61 100644
--- a/docker/conf/modsecurity/crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
+++ b/docker/conf/modsecurity/crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
@@ -82,3 +82,9 @@ SecRule REQUEST_URI "@beginsWith /wp-json/wp/v2/" \
     ctl:ruleRemoveTargetByID=932105;ARGS:content,\
     ctl:ruleRemoveTargetByID=941100;ARGS:content"
 
+SecRule REQUEST_URI "@beginsWith /wp-admin/customize.php" \
+    "id:1012,\
+    pass,\
+    nolog,\
+    ctl:ruleEngine=Off"
+
-- 
GitLab