1 # Configuration file for the mod_security Apache module
3 #LoadFile LIBDIR/libxml2.so.2
5 LoadModule security2_module modules/mod_security2.so
7 <IfModule mod_security2.c>
8 # This is the ModSecurity Core Rules Set.
10 # Basic configuration goes in here
11 Include conf.d/modsecurity.d/modsecurity_crs_10_config.conf
13 # Protocol violation and anomalies.
15 Include conf.d/modsecurity.d/modsecurity_crs_20_protocol_violations.conf
16 Include conf.d/modsecurity.d/modsecurity_crs_21_protocol_anomalies.conf
20 Include conf.d/modsecurity.d/modsecurity_crs_30_http_policy.conf
22 # Here comes the Bad Stuff...
24 Include conf.d/modsecurity.d/modsecurity_crs_35_bad_robots.conf
25 Include conf.d/modsecurity.d/modsecurity_crs_40_generic_attacks.conf
26 Include conf.d/modsecurity.d/modsecurity_crs_45_trojans.conf
27 Include conf.d/modsecurity.d/modsecurity_crs_50_outbound.conf
29 # Search engines and other crawlers. Only useful if you want to track
30 # Google / Yahoo et. al.
32 # Include modsecurity.d/modsecurity_crs_55_marketing.conf
34 # Put your local rules in here.
36 Include conf.d/modsecurity.d/modsecurity_localrules.conf