Problem:
mod_security blocks markdown with with bash snippets with message
Remote Command Execution: Unix Command Injection
It does this on page save in the admin. Showing the file in the frontend gives no problems.
Question
What can I do about it. Is there an exception file for grav like for most other platforms supported by modsecurity?
crs-setup.conf has a section like:
Modify and uncomment this rule to select which application:
SecAction \
"id:900130,\
phase:1,\
nolog,\
pass,\
t:none,\
setvar:tx.crs_exclusions_nextcloud=1,
setvar:tx.crs_exclusions_cpanel=1,\
setvar:tx.crs_exclusions_drupal=1,\
setvar:tx.crs_exclusions_dokuwiki=1,\
setvar:tx.crs_exclusions_wordpress=1,\
setvar:tx.crs_exclusions_xenforo=1"
Did anyone create an exception file?