mod_security rule keeps getting triggered although removed

Solution Unverified - Updated -


  • Removed rules by SecRuleRemoveById inside Location directive get triggered.


  • Red Hat Enterprise Linux (RHEL)
    • 7
    • 8
  • Httpd 2.4
  • mod_security
  • Log line indicating triggered rule contains phase 1 string

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In