[packages/apache-mod_security.git] / apache-mod_security.conf

# Configuration file for the mod_security Apache module

#LoadFile LIBDIR/libxml2.so.2

LoadModule security2_module modules/mod_security2.so

<IfModule mod_security2.c>
	# This is the ModSecurity Core Rules Set.

	# Basic configuration goes in here
	Include conf.d/modsecurity.d/modsecurity.conf-minimal
	Include conf.d/modsecurity.d/modsecurity_crs_10_config.conf

	# Protocol violation and anomalies.

	Include conf.d/modsecurity.d/modsecurity_crs_20_protocol_violations.conf
	Include conf.d/modsecurity.d/modsecurity_crs_21_protocol_anomalies.conf

	# HTTP policy rules

	Include conf.d/modsecurity.d/modsecurity_crs_30_http_policy.conf

	# Here comes the Bad Stuff...

	Include conf.d/modsecurity.d/modsecurity_crs_35_bad_robots.conf
	Include conf.d/modsecurity.d/modsecurity_crs_40_generic_attacks.conf
	Include conf.d/modsecurity.d/modsecurity_crs_45_trojans.conf
	Include conf.d/modsecurity.d/modsecurity_crs_50_outbound.conf

	# Search engines and other crawlers. Only useful if you want to track
	# Google / Yahoo et. al.

	# Include modsecurity.d/modsecurity_crs_55_marketing.conf

	Include conf.d/modsecurity.d/modsecurity_crs_23_request_limits.conf
	Include conf.d/modsecurity.d/modsecurity_crs_41_phpids_converter.conf
	Include conf.d/modsecurity.d/modsecurity_crs_41_phpids_filters.conf
	Include conf.d/modsecurity.d/modsecurity_crs_41_sql_injection_attacks.conf
	Include conf.d/modsecurity.d/modsecurity_crs_41_xss_attacks.conf
	Include conf.d/modsecurity.d/modsecurity_crs_42_tight_security.conf
	Include conf.d/modsecurity.d/modsecurity_crs_47_common_exceptions.conf
	Include conf.d/modsecurity.d/modsecurity_crs_48_local_exceptions.conf
	Include conf.d/modsecurity.d/modsecurity_crs_49_enforcement.conf
	Include conf.d/modsecurity.d/modsecurity_crs_49_inbound_blocking.conf

	# Optional rules

	# Include conf.d/modsecurity.d/modsecurity_crs_40_experimental.conf
	# Include conf.d/modsecurity.d/modsecurity_crs_42_comment_spam.conf
	# Include conf.d/modsecurity.d/modsecurity_crs_46_et_sql_injection.conf
	# Include conf.d/modsecurity.d/modsecurity_crs_46_et_web_rules.conf
	# <IfModule mod_headers.c>
	#	Include conf.d/modsecurity.d/modsecurity_crs_49_header_tagging.conf
	# </IfModule>
	# Include conf.d/modsecurity.d/modsecurity_crs_59_outbound_blocking.conf
	# Include conf.d/modsecurity.d/modsecurity_crs_60_correlation.conf

	# Put your local rules in here.

	Include conf.d/modsecurity.d/modsecurity_localrules.conf

	SecDataDir	/var/run/httpd
</IfModule>
Commit	Line	Data
55807361 ER	1	# Configuration file for the mod_security Apache module
	2
	3	#LoadFile LIBDIR/libxml2.so.2
	4
55807361 ER	5	LoadModule security2_module modules/mod_security2.so
	6
	7	<IfModule mod_security2.c>
	8	# This is the ModSecurity Core Rules Set.
	9
	10	# Basic configuration goes in here
6daedeb1	11	Include conf.d/modsecurity.d/modsecurity.conf-minimal
ea485c06	12	Include conf.d/modsecurity.d/modsecurity_crs_10_config.conf
55807361 ER	13
	14	# Protocol violation and anomalies.
	15
ea485c06 TP	16	Include conf.d/modsecurity.d/modsecurity_crs_20_protocol_violations.conf
ea485c06 TP	17	Include conf.d/modsecurity.d/modsecurity_crs_21_protocol_anomalies.conf
55807361 ER	18
	19	# HTTP policy rules
	20
ea485c06	21	Include conf.d/modsecurity.d/modsecurity_crs_30_http_policy.conf
55807361 ER	22
	23	# Here comes the Bad Stuff...
	24
ea485c06 TP	25	Include conf.d/modsecurity.d/modsecurity_crs_35_bad_robots.conf
	26	Include conf.d/modsecurity.d/modsecurity_crs_40_generic_attacks.conf
	27	Include conf.d/modsecurity.d/modsecurity_crs_45_trojans.conf
	28	Include conf.d/modsecurity.d/modsecurity_crs_50_outbound.conf
55807361 ER	29
	30	# Search engines and other crawlers. Only useful if you want to track
	31	# Google / Yahoo et. al.
	32
	33	# Include modsecurity.d/modsecurity_crs_55_marketing.conf
	34
6daedeb1 TP	35	Include conf.d/modsecurity.d/modsecurity_crs_23_request_limits.conf
	36	Include conf.d/modsecurity.d/modsecurity_crs_41_phpids_converter.conf
	37	Include conf.d/modsecurity.d/modsecurity_crs_41_phpids_filters.conf
	38	Include conf.d/modsecurity.d/modsecurity_crs_41_sql_injection_attacks.conf
	39	Include conf.d/modsecurity.d/modsecurity_crs_41_xss_attacks.conf
	40	Include conf.d/modsecurity.d/modsecurity_crs_42_tight_security.conf
	41	Include conf.d/modsecurity.d/modsecurity_crs_47_common_exceptions.conf
	42	Include conf.d/modsecurity.d/modsecurity_crs_48_local_exceptions.conf
	43	Include conf.d/modsecurity.d/modsecurity_crs_49_enforcement.conf
	44	Include conf.d/modsecurity.d/modsecurity_crs_49_inbound_blocking.conf
	45
	46	# Optional rules
	47
	48	# Include conf.d/modsecurity.d/modsecurity_crs_40_experimental.conf
	49	# Include conf.d/modsecurity.d/modsecurity_crs_42_comment_spam.conf
	50	# Include conf.d/modsecurity.d/modsecurity_crs_46_et_sql_injection.conf
	51	# Include conf.d/modsecurity.d/modsecurity_crs_46_et_web_rules.conf
	52	# <IfModule mod_headers.c>
	53	# Include conf.d/modsecurity.d/modsecurity_crs_49_header_tagging.conf
	54	# </IfModule>
	55	# Include conf.d/modsecurity.d/modsecurity_crs_59_outbound_blocking.conf
	56	# Include conf.d/modsecurity.d/modsecurity_crs_60_correlation.conf
	57
55807361 ER	58	# Put your local rules in here.
55807361 ER	59
4097ac0d	60	Include conf.d/modsecurity.d/modsecurity_localrules.conf
6daedeb1 TP	61
6daedeb1 TP	62	SecDataDir /var/run/httpd
55807361	63	</IfModule>