if they’ve authenticated, I don’t need to block their request
if they’re not, though, that’s really when I want ModSecurity to kick in
https://stackoverflow.com/a/46045010 could be the answer
looks like a very similar requirement
well crap - turning off the rules in the virtualhost config doesn’t seem to stop the request from getting blocked
Yeah there are a few ModSecurity rules that SilverStripe seems to trigger…
is there a reference page for what rules those might be and how to accommodate?
cuz if not, that’d be really, really handy lol