apache-mod_security.conf

   1 # Configuration file for the mod_security Apache module
   2
   3 #LoadFile LIBDIR/libxml2.so.2
   4
   5 LoadModule security2_module modules/mod_security2.so
   6 LoadModule security2_module modules/mod_security2.so
   7
   8 <IfModule mod_security2.c>
   9         # This is the ModSecurity Core Rules Set.
  10
  11         # Basic configuration goes in here
  12         Include modsecurity.d/modsecurity_crs_10_config.conf
  13
  14         # Protocol violation and anomalies.
  15
  16         Include modsecurity.d/modsecurity_crs_20_protocol_violations.conf
  17         Include modsecurity.d/modsecurity_crs_21_protocol_anomalies.conf
  18
  19         # HTTP policy rules
  20
  21         Include modsecurity.d/modsecurity_crs_30_http_policy.conf
  22
  23         # Here comes the Bad Stuff...
  24
  25         Include modsecurity.d/modsecurity_crs_35_bad_robots.conf
  26         Include modsecurity.d/modsecurity_crs_40_generic_attacks.conf
  27         Include modsecurity.d/modsecurity_crs_45_trojans.conf
  28         Include modsecurity.d/modsecurity_crs_50_outbound.conf
  29
  30         # Search engines and other crawlers. Only useful if you want to track
  31         # Google / Yahoo et. al.
  32
  33         # Include modsecurity.d/modsecurity_crs_55_marketing.conf
  34
  35         # Put your local rules in here.
  36
  37         Include modsecurity.d/modsecurity_localrules.conf
  38 </IfModule>