I have tried to add
SecRuleRemoveById
to all id appearing in the mod_audit.log, but my software was stilled blocked.
I think it is not so simple. I have read a little bit of the mod-security site's manual. It said simply adding SecRuleRemoveById may not let the software pass 2nd phase.
I don't understand though.
|