Skip to content

Enable modsecurity in log-only mode (sysadmin#17870)

Zen Fu requested to merge enable-modsec-log-only-on-weblate into master

After migration to containerized Weblate, modsecurity started behaving like crazy and the website was rendered unusable. After a couple of days, we generated a list of matching rules and removed them in:

9fcdd201b4fe51f5587dc03dd1eeab8a0099686b

Among members of the Weblate team, we decided to completely disable modsecurity in order to get the website back to a usable state. That was done in:

63766187bee68bc159bec9acd3431af487458833
cb7ff9fac20b77e6f00337ba3c70230197a97087

Now, among members of the Sysadmin team, we decided to turn modsecurity back on but leave it in "log-only" mode, so we can, in the future, gather a list of rules that match and decide how to go about them.

/cc @emmapeel

Edited by Zen Fu

Merge request reports