| @@ -0,0 +1,36 @@
+# Example configuration file for the mod_security Apache module
+
+LoadModule security2_module modules/mod_security2.so
+LoadModule unique_id_module modules/mod_unique_id.so
+
+<IfModule mod_security2.c>
+ # This is the ModSecurity Core Rules Set.
+
+ # Basic configuration goes in here
+ Include modsecurity.d/modsecurity_crs_10_config.conf
+
+ # Protocol violation and anomalies.
+
+ Include modsecurity.d/modsecurity_crs_20_protocol_violations.conf
+ Include modsecurity.d/modsecurity_crs_21_protocol_anomalies.conf
+
+ # HTTP policy rules
+
+ Include modsecurity.d/modsecurity_crs_30_http_policy.conf
+
+ # Here comes the Bad Stuff...
+
+ Include modsecurity.d/modsecurity_crs_35_bad_robots.conf
+ Include modsecurity.d/modsecurity_crs_40_generic_attacks.conf
+ Include modsecurity.d/modsecurity_crs_45_trojans.conf
+ Include modsecurity.d/modsecurity_crs_50_outbound.conf
+
+ # Search engines and other crawlers. Only useful if you want to track
+ # Google / Yahoo et. al.
+
+ # Include modsecurity.d/modsecurity_crs_55_marketing.conf
+
+ # Put your local rules in here.
+
+ Include modsecurity.d/modsecurity_localrules.conf
+</IfModule>
|
