ModSec – Add an ID to a rule
In order to know that you need to add an ID to a rule you will have already found the error in the logs. To white list the rule this requires the rule to have an ID. All of the rules are stored in /usr/local/apache/conf/modsec2.user.conf. I usually vim the conf file and / to search for the pattern match that the error lists. You can also go to the line number listed in the error.
vim /usr/local/apache/conf/modsec2.user.conf
When you find the correct rule and line you will need to add an ID. It doesn’t really matter what number you assign to it as long as it already is not in the file. the syntax to add the ID would be as follows:
….rule” “ID:300018”
Save the file and now you can white list the ID number.