Enable modsecurity in log-only mode (sysadmin#17870)
After migration to containerized Weblate, modsecurity started behaving like crazy and the website was rendered unusable. After a couple of days, we generated a list of matching rules and removed them in:
9fcdd201b4fe51f5587dc03dd1eeab8a0099686b
Among members of the Weblate team, we decided to completely disable modsecurity in order to get the website back to a usable state. That was done in:
63766187bee68bc159bec9acd3431af487458833
cb7ff9fac20b77e6f00337ba3c70230197a97087
Now, among members of the Sysadmin team, we decided to turn modsecurity back on but leave it in "log-only" mode, so we can, in the future, gather a list of rules that match and decide how to go about them.
/cc @emmapeel
Edited by Zen Fu