Joe

if they’re not, though, that’s really when I want ModSecurity to kick in

Joe

if they’ve authenticated, I don’t need to block their request

Joe

2) can I disable a specific rule (like the one preventing access to the Files area) by turning off that rule if the request URI contains /admin? (and would that be a good idea in the first place?)

Joe

1) can I disable a specific rule using .htaccess or the apache VirtualHost config? (having a hard time finding a straight answer on this)

Joe

i’m still very new to ModSecurity, so what will follow are probably some fairly stupid questions, but ¯_(ツ)_/¯

Joe

I think it’s mad because they have donate buttons in the content area