You can also change the default action for a rule by using the SecRuleActionById directive.
Changing a rule to be detect only by ID
To change a rule to only detect, but not block attacks, simply change the action for the rule with the above directive. For example, to change the action for rule 12345, simply add this rule directive to your custom rules.
SecRuleUpdateActionById 12345 "pass,status:200"
Note 1: this directive must be added after the rule it is modifying has been loaded.
Note 2: This does not work if you are using the redirect action.
Changing a range of rules ot be detect only by ID
This is similar to the method above, however you can define a range of rule IDs. For example, if you want to disable rules 1000-2000:
SecRuleUpdateActionById 1000-2000 "pass,status:200"
Note 1: this directive must be added after the rule it is modifying has been loaded.
Note 2: This does not work if you are using the redirect action.