From a2edc1297e4b88189d615eb0934c6bb3ca9fc99e Mon Sep 17 00:00:00 2001
From: Jaskaran Sarkaria <jaskaran.sarkaria@digital.justice.gov.uk>
Date: Wed, 4 Dec 2024 14:23:29 +0000
Subject: [PATCH] =?UTF-8?q?perf:=20=E2=9A=A1=EF=B8=8F=20we=20can't=20read?=
 =?UTF-8?q?=20the=20response=20properly=20so=20disable=20(#115)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

https://github.com/owasp-modsecurity/ModSecurity-nginx/issues/254

✅ Closes: https://github.com/ministryofjustice/cloud-platform/issues/5906
---
 templates/modsecurity.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/templates/modsecurity.conf b/templates/modsecurity.conf
index a91b202..e896611 100644
--- a/templates/modsecurity.conf
+++ b/templates/modsecurity.conf
@@ -153,7 +153,7 @@ SecRule TX:/^MSC_/ "!@streq 0" \
 # Do keep in mind that enabling this directive does increases both
 # memory consumption and response latency.
 #
-SecResponseBodyAccess On
+SecResponseBodyAccess Off
 
 # Which response MIME types do you want to inspect? You should adjust the
 # configuration below to catch documents but avoid static files