From b99fdd82f4a1a12a65443ee3eb5db4071fef374a Mon Sep 17 00:00:00 2001
From: ale <ale@incal.net>
Date: Tue, 30 Aug 2022 16:28:48 +0100
Subject: [PATCH] Add ModSec rule for Gutenberg template edits

---
 .../crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf      | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/docker/conf/modsecurity/crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf b/docker/conf/modsecurity/crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
index 93c06a7f..673aef72 100644
--- a/docker/conf/modsecurity/crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
+++ b/docker/conf/modsecurity/crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
@@ -71,3 +71,12 @@ SecRule REQUEST_URI "@beginsWith /wp-admin/network/settings.php" \
     ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:wp-piwik[tracking_code],\
     ctl:ruleRemoveTargetByTag=OWASP_CRS;ARGS:wp-piwik[noscript_code]"
 
+# Gutenberg comments are misinterpreted.
+SecRule REQUEST_URI "@beginsWith /wp-json/wp/v2/template-parts" \
+    "id:1011,\
+    phase:2,\
+    pass,\
+    nolog,\
+    ctl:ruleRemoveTargetByID=932105;ARGS:content,\
+    ctl:ruleRemoveTargetByID=941100;ARGS:content"
+
-- 
GitLab