my domain acme challenge url blocked by modsecurity rules which affects letencrypt ssl renewal. Here is the error log,
2023-04-22 12:40:40.877509 [INFO] [291165] [129.12.x.x.x.1:43555-Q:5A6DF09EADE3A78A-0#mydomain.com] [Module:mod_security]Log Message: [client hidden ip] ModSecurity: Access denied with code 403 (phase 2). Matched "Operator `Ge' with parameter `5' against variable `TX:ANOMALY_SCORE' (Value: `5' ) [file "/usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "80"] [id "949110"] [rev ""] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [data ""] [severity "2"] [ver "OWASP_CRS/3.3.2"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "www.mydomain.com"] [uri "/.well-known/acme-challenge/mydomain.com"] [unique_id "168216724077.123542"] [ref ""]
How to whitelist letencrypt acme challenges in modsecurity?