apache-mod_security.conf

   1 # Configuration file for the mod_security Apache module
   2
   3 #LoadFile LIBDIR/libxml2.so.2
   4
   5 LoadModule security2_module modules/mod_security2.so
   6
   7 <IfModule mod_security2.c>
   8         # This is the ModSecurity Core Rules Set.
   9
  10         # Basic configuration goes in here
  11         Include conf.d/modsecurity.d/modsecurity.conf-minimal
  12         Include conf.d/modsecurity.d/modsecurity_crs_10_config.conf
  13
  14         # Protocol violation and anomalies.
  15
  16         Include conf.d/modsecurity.d/modsecurity_crs_20_protocol_violations.conf
  17         Include conf.d/modsecurity.d/modsecurity_crs_21_protocol_anomalies.conf
  18
  19         # HTTP policy rules
  20
  21         Include conf.d/modsecurity.d/modsecurity_crs_30_http_policy.conf
  22
  23         # Here comes the Bad Stuff...
  24
  25         Include conf.d/modsecurity.d/modsecurity_crs_35_bad_robots.conf
  26         Include conf.d/modsecurity.d/modsecurity_crs_40_generic_attacks.conf
  27         Include conf.d/modsecurity.d/modsecurity_crs_45_trojans.conf
  28         Include conf.d/modsecurity.d/modsecurity_crs_50_outbound.conf
  29
  30         # Search engines and other crawlers. Only useful if you want to track
  31         # Google / Yahoo et. al.
  32
  33         # Include modsecurity.d/modsecurity_crs_55_marketing.conf
  34
  35         Include conf.d/modsecurity.d/modsecurity_crs_23_request_limits.conf
  36         Include conf.d/modsecurity.d/modsecurity_crs_41_phpids_converter.conf
  37         Include conf.d/modsecurity.d/modsecurity_crs_41_phpids_filters.conf
  38         Include conf.d/modsecurity.d/modsecurity_crs_41_sql_injection_attacks.conf
  39         Include conf.d/modsecurity.d/modsecurity_crs_41_xss_attacks.conf
  40         Include conf.d/modsecurity.d/modsecurity_crs_42_tight_security.conf
  41         Include conf.d/modsecurity.d/modsecurity_crs_47_common_exceptions.conf
  42         Include conf.d/modsecurity.d/modsecurity_crs_48_local_exceptions.conf
  43         Include conf.d/modsecurity.d/modsecurity_crs_49_enforcement.conf
  44         Include conf.d/modsecurity.d/modsecurity_crs_49_inbound_blocking.conf
  45
  46         # Optional rules
  47
  48         # Include conf.d/modsecurity.d/modsecurity_crs_40_experimental.conf
  49         # Include conf.d/modsecurity.d/modsecurity_crs_42_comment_spam.conf
  50         # Include conf.d/modsecurity.d/modsecurity_crs_46_et_sql_injection.conf
  51         # Include conf.d/modsecurity.d/modsecurity_crs_46_et_web_rules.conf
  52         # <IfModule mod_headers.c>
  53         #       Include conf.d/modsecurity.d/modsecurity_crs_49_header_tagging.conf
  54         # </IfModule>
  55         # Include conf.d/modsecurity.d/modsecurity_crs_59_outbound_blocking.conf
  56         # Include conf.d/modsecurity.d/modsecurity_crs_60_correlation.conf
  57
  58         # Put your local rules in here.
  59
  60         Include conf.d/modsecurity.d/modsecurity_localrules.conf
  61
  62         SecDataDir      /var/run/httpd
  63 </IfModule>