OWASP Disabled rules for Magento2

OWASP Disabled rules for Magento2

Here is a list of all OWASP rules that should be disabled for the MAgento2 admin to work properly:

SecRuleRemoveById 981248
SecRuleRemoveById 973336
SecRuleRemoveById 958051
SecRuleRemoveById 958039
SecRuleRemoveById 973302
SecRuleRemoveById 973306
SecRuleRemoveById 973331
SecRuleRemoveById 973315
SecRuleRemoveById 973330
SecRuleRemoveById 973335
SecRuleRemoveById 973334
SecRuleRemoveById 973344
SecRuleRemoveById 973316

To disable the rules on CWP edit the file /usr/local/apache/modsecurity-owasp-old/global_disabled_rules.conf or from Admin > ModSecurity

CWP disable ModSecurity rules
CWP disable ModSecurity rules
Stefan Pejcic
Join the discussion

I enjoy constructive responses and professional comments to my posts, and invite anyone to comment or link to my site.