Handle false positives
If you encounter a false positive caused by a managed rule, do one of the following:
Disable the corresponding managed rule(s): Create an override to disable specific rules. This may avoid false positives, but you will also reduce the overall site security. Refer to the on configuring a managed ruleset, or to the on creating an override.
If one specific rule causes false positives, disable that specific rule and not the entire ruleset.
For false positives with the administrator area of your website, add a WAF exception disabling a managed rule for the admin section of your site resources. You can use an expression similar to the following:
http.host eq "example.com" and starts_with(http.request.uri.path, "/admin")