mod security – mod_security coreruleset: Block Request when Copy Text From MS Word Format

I’m using https://hub.docker.com/r/owasp/modsecurity + https://github.com/coreruleset/modsecurity-docker

Now in POST Request When user copy and paste text from ms word and send to server, the request will be blocked

Log Example

Feb 16 13:20:55 sap journal: 2021/02/16 13:20:55 (error) 22#22:
*192440 (client IP) ModSecurity: Access denied with code 403 (phase 2). Matched “Operator Ge’ with parameter 5′ against variable
TX:ANOMALY_SCORE’ (Value: 10′ ) (file
“/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf”)
(line “79”) (id “949110”) (rev “”) (msg “Inbound Anomaly Score
Exceeded (Total Score: 10)”) (data “”) (severity “2”) (ver “”)
(maturity “0”) (accuracy “0”) (tag “application-multi”) (tag
“language-multi”) (tag “platform-multi”) (tag “attack-generic”)
(hostname “172.20.100.10”) (uri “/file/1209/referral/”) (unique_id
“161346905556.327309”) (ref “”), client: IP, server: DOMAIN, request:
“POST /file/1209/referral/ HTTP/1.1”, host: “DOMAIN”, referrer: ”
https://DOMAIN/file/1209/referral/”