I wanted to make note of this page, because it was a huge help getting the ModSecurity OWASP rule set working with nginx. LinuxBabe: How to Set Up ModSecurity with Nginx on Debian/Ubuntu Then to start exempting specific pages from specific rule ID’s, you’ll using these three commands quite a bit: `tailf /var/log/modsec_audit.log``sudo nano /etc/nginx/modsec/coreruleset-3.3.4/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf``sudo […]