I would like to bypass certain WAF rules to be applied for a specific URL.
For example, the following requests are creating a false positive as they have some "string" in the payload triggering the rule "owasp-crs-v030001-id933160-php".
POST https://example.com/rest/user/save
But the following URLs should continue to be blocked
POST https://example.com/ajax/render/widget_tabbedcontainer_tab_panel
GET https://example.com/counter/nl/ord/lang=english(1);system(%22$ENV%7BHTTP_X%7D%22);
So I would like the rule "owasp-crs-v030001-id933160-php" to be bypassed for "POST https://example.com/rest/user/save"