Custom Apache error page with ModSecurity + OWASP CRS false-positive reporting to email and/or Slack.
Note: This is not production-ready, as there is currently no rate-limiting and single unique-id can be used to spam target mailbox / slack channel.
- copy
index.phpto/waf-handler/index.phpunder your docroot - specify custom ErrorDocument in Apache configuration:
ErrorDocument 403 /waf-handler/[email protected]&slack=https://hooks.slack.com/services/T12...3T/B12...3B/hU12...3Uh