# This is the ModSecurity Core Rules Set.
# Basic configuration goes in here
+ Include conf.d/modsecurity.d/modsecurity.conf-minimal
Include conf.d/modsecurity.d/modsecurity_crs_10_config.conf
# Protocol violation and anomalies.
# Include modsecurity.d/modsecurity_crs_55_marketing.conf
+ Include conf.d/modsecurity.d/modsecurity_crs_23_request_limits.conf
+ Include conf.d/modsecurity.d/modsecurity_crs_41_phpids_converter.conf
+ Include conf.d/modsecurity.d/modsecurity_crs_41_phpids_filters.conf
+ Include conf.d/modsecurity.d/modsecurity_crs_41_sql_injection_attacks.conf
+ Include conf.d/modsecurity.d/modsecurity_crs_41_xss_attacks.conf
+ Include conf.d/modsecurity.d/modsecurity_crs_42_tight_security.conf
+ Include conf.d/modsecurity.d/modsecurity_crs_47_common_exceptions.conf
+ Include conf.d/modsecurity.d/modsecurity_crs_48_local_exceptions.conf
+ Include conf.d/modsecurity.d/modsecurity_crs_49_enforcement.conf
+ Include conf.d/modsecurity.d/modsecurity_crs_49_inbound_blocking.conf
+
+ # Optional rules
+
+ # Include conf.d/modsecurity.d/modsecurity_crs_40_experimental.conf
+ # Include conf.d/modsecurity.d/modsecurity_crs_42_comment_spam.conf
+ # Include conf.d/modsecurity.d/modsecurity_crs_46_et_sql_injection.conf
+ # Include conf.d/modsecurity.d/modsecurity_crs_46_et_web_rules.conf
+ # <IfModule mod_headers.c>
+ # Include conf.d/modsecurity.d/modsecurity_crs_49_header_tagging.conf
+ # </IfModule>
+ # Include conf.d/modsecurity.d/modsecurity_crs_59_outbound_blocking.conf
+ # Include conf.d/modsecurity.d/modsecurity_crs_60_correlation.conf
+
# Put your local rules in here.
Include conf.d/modsecurity.d/modsecurity_localrules.conf
+
+ SecDataDir /var/run/httpd
</IfModule>