is it possible to disable a rule for a specific domain without disabling the rule globally?
2023-07-13 17:12:34.406880 [INFO] [3910190] [172.70.57.157:28834:HTTP2-5#agua.uflagoacaefornos.pt] [Module:mod_security] ModSecurity: Warning. Matched "Operator Within' with parameter GET HEAD POST OPTIONS’ against variable REQUEST_METHOD' (Value: PUT’ ) [file “/usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/rules/REQUEST-911-METHOD-ENFORCEMENT.conf”] [line “27”] [id “911100”] [rev “”] [msg “Method is not allowed by policy”] [data “PUT”] [severity “2”] [ver “OWASP_CRS/3.3.2”] [maturity “0”] [accuracy “0”] [tag “application-multi”] [tag “language-multi”] [tag “platform-multi”] [tag “attack-generic”] [tag “paranoia-level/1”] [tag “OWASP_CRS”] [tag “capec/1000/210/272/220/274”] [tag “PCI/12.1”] [hostname “agua.uflagoacaefornos.pt”] [uri “/api/v1/companies/VolejRejNm”] [unique_id “168926115481.607972”] [ref “v0,3”]
if I disable the rule in the panel >> owasp REQUEST-911-METHOD-ENFORCEMENT.conf directly the problem in Invoice Ninja disappears.
Please help!