Question Allow specific Content types in Mod Security

[tbachner]

Server operating system version

Ubuntu 22.04.3 LTS

Plesk version and microupdate number

18.0.55 Update #2

When I activate ModSecurity I have a problem with content types:

[msg "COMODO WAF: Request content type is not allowed by policy. Please update file userdata_wl_content_type.||app.domain.de|F|2"] [data "TX:0=application/merge-patch+json"]

Where I find die file userdata_wl_content_type to add the content type application/merge-patch+json?

 

[tbachner]

Ok. I found the file userdata_wl_content_type in the folder etc/apache2/modsecurity.d/rule/comodo_free. But I change this file, it always gets overwritten with default rules. How I can prevent this?

 

[Peter Debik]

I've checked on a server here and it seems the files are not overwritten. Where did you see that they are?

 

[Wade]

I have the same problem - `/etc/apache2/modsecurity.d/rules/comodo_free/userdata_wl_content_type` is periodically reset to some factory default, neutering my changes.