Brian, Have you tried working with a rule that disables the execution of 950120 under the conditions your presented?
I usually do this via SecRule ... "...ctl:ruleRemoveById=950120" This has to be placed _before_ the said rule. But that way you can exempt certain core rules without touching the core rules files. Ahoj, Christian -- The purpose of computing is insight not numbers. -- Richard W. Hamming _______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
