# Basic configuration options SecRuleEngine On SecRequestBodyAccess On SecResponseBodyAccess Off # Handling of file uploads SecUploadDir @apache2_tmpdir@ SecUploadKeepFiles Off ####### Logging ####### # Debug log # SecDebugLogLevel 0-9, 0 - disable SecDebugLog logs/modsec2_debug.log SecDebugLogLevel 0 # Serial audit log # SecAuditEngine (On|Off|RelevantOnly) SecAuditEngine RelevantOnly SecAuditLogRelevantStatus ^5 SecAuditLogParts ABIFHZ SecAuditLogType Serial SecAuditLog logs/modsec2_audit.log ####### Memory usage ####### # Maximum request body size we will # accept for buffering SecRequestBodyLimit 131072 # Store up to 128 KB in memory SecRequestBodyInMemoryLimit 131072 # Buffer response bodies of up to # 512 KB in length SecResponseBodyLimit 524288 ####### Rules ####### # First, add in your exclusion rules # For resources see README.ALT # Put *.conf files into @conf_dir@/local_rules/ : Include @conf_dir@/local_rules/*.conf # ALTLinux defaults Include @conf_dir@/altdefaults.conf # ModSecurity Core Rules Include @conf_dir@/rules/*.conf Include @conf_dir@/rules/optional_rules/*.conf