Reconfigure modsecurity and turn it on for Weblate once again

After the migration to containerized Weblate, modsecurity started blocking like crazy and rendered the website unusable. We first tried removing 46 rules that matched during the 2 days after the migration (puppet-tails@9fcdd201), and then decided to turn modsecurity off (puppet-tails@63766187, puppet-tails@cb7ff9fa) until we could re-evaluate and generate a sane config in which the level of false-positives is worth the pain for translators.

This should turn on modsecurity in "log-only" mode: puppet-tails!73 (merged)

In the previous non-containerized setup, it took us a long time to get to a stable configuration, with only a handful of people reporting error messages either to the sysadmins or the weblate list. Maybe, if/when we decide to turn on modsecurity blocks on again, we should ensure good communication with translators so they know when and how to effectively help, for example by waiting for a certain period and only then start reporting URL and time to the correct place (which is to be decided).

/cc @groente @emmapeel

To-do

Decide on a date for reactivation of ModSecurity and a period for tests
Communicate with tails-l10n@, and include:
- The date when ModSecurity will be activated once again
- Instructions on how to report issues
Merge and deploy: Re-enable ModSecurity on Weblate (puppet-weblate!6 - merged)

Edited Aug 01, 2023 by Zen Fu

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information