Mod_security2 Remote Command Execution: Unix Command Injection

Support
1

Problem:

mod_security blocks markdown with with bash snippets with message

Remote Command Execution: Unix Command Injection

It does this on page save in the admin. Showing the file in the frontend gives no problems.

Question

What can I do about it. Is there an exception file for grav like for most other platforms supported by modsecurity?

crs-setup.conf has a section like:

Modify and uncomment this rule to select which application:

SecAction \

"id:900130,\

phase:1,\

nolog,\

pass,\

t:none,\

setvar:tx.crs_exclusions_nextcloud=1,

setvar:tx.crs_exclusions_cpanel=1,\

setvar:tx.crs_exclusions_drupal=1,\

setvar:tx.crs_exclusions_dokuwiki=1,\

setvar:tx.crs_exclusions_wordpress=1,\

setvar:tx.crs_exclusions_xenforo=1"

Did anyone create an exception file?