Multiple security errors and warnings (mod_security)

Nextcloud version (eg, 20.0.5): 22.2.0
Operating system and version (eg, Ubuntu 20.04): Raspbian 10.11
Apache or nginx version (eg, Apache 2.4.25): Apache 2.4.38
PHP version (eg, 7.4): PHP 7.3.29

The issue you are facing:
I have problems with webdav, caldav, uploaded files with 0 bytes and multiple error and warning messages from mod_security. Right now I’m trying to fix these mod_security problems.

The output of your Nextcloud log in Admin > Logging: (only 1 error)

PHP	Error: Undefined offset: 5 at /var/www/html/nextcloud/lib/private/Updater.php#154
/var/www/html/nextcloud/lib/private/Updater.php - line 154:

OC\Log\ErrorHandler::onError(8, "Undefined offset: 5", "/var/www/ht ... p", 154, { logLevel: ... e})

/var/www/html/nextcloud/core/ajax/update.php - line 200:

OC\Updater->upgrade()

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

<?php
$CONFIG = array (
  'instanceid' => '',
  'passwordsalt' => '',
  'secret' => '',
  'trusted_domains' =>
  array (
    0 => 'localhost',
    1 => '192.168.0.3',
    2 => 'old.sample.com',
    3 => 'site.provider.org',
  ),
  'datadirectory' => '/var/www/html/nextcloud/data',
  'dbtype' => 'mysql',
  'version' => '22.2.0.2',
  'overwrite.cli.url' => 'https:\\/\\/site.provider.org',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost:5432',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'nextcloud',
  'dbpassword' => '',
  'installed' => true,
  'maintenance' => false,
  'theme' => '',
  'loglevel' => 5,
  'default_phone_region' => 'BR',
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'updater.secret' => '',
);

These are the errors I get in my apache error.log:

[Wed Oct 20 22:19:16.456854 2021] [:error] [pid 10002] [client 191.191.10.38:64947] [client 11.91.1.38] ModSecurity: Warning. Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required. [file "/usr/share/modsecurity-crs/rules/REQUEST-911-METHOD-ENFORCEMENT.conf"] [line "46"] [id "911100"] [msg "Method is not allowed by policy"] [data "PUT"] [severity "CRITICAL"] [ver "OWASP_CRS/3.1.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [tag "OWASP_CRS/POLICY/METHOD_NOT_ALLOWED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A6"] [tag "OWASP_AppSensor/RE1"] [tag "PCI/12.1"] [hostname ".org"] [uri "/nextcloud/ocs/v2.php/apps/weather_status/api/v1/location"] [unique_id "YXDAFB4m4yCmCX6JGv71@gAAAAE"]
[Wed Oct 20 22:19:16.474163 2021] [:error] [pid 10002] [client :64947] [client ] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname ".org"] [uri "/nextcloud/ocs/v2.php/apps/weather_status/api/v1/location"] [unique_id "YXDAFB4m4yCmCX6JGv71@gAAAAE"]

I’ve read multiple sites, docs, etc but no matter what I try to do to remove these (RemoveRuleById, etc) nothing changes. It’s as if my config changes are not being considered.

Any tips?

Since I had no replies with info on how to solve this, I would like to ask for info on how to DEBUG this or resources I should go to try to figure out what is the problem.

Thanks