diff --git a/apache-security/apache-security.conf b/apache-security/apache-security.conf index aaa7231add..9ab817155c 100644 --- a/apache-security/apache-security.conf +++ b/apache-security/apache-security.conf @@ -4,6 +4,23 @@ LoadModule security2_module @l_prefix@/libexec/apache/mod_security.so +# +# core rule sets +# + +# include core rule sets +Include @l_prefix@/etc/apache-security/modsecurity_crs_*.conf + +# remove rules of the core rule set which have been proven to trigger +# false positives, mostly because they are definied in an too generic +# way +SecRuleRemoveById 950907 \ + 960015 + +# +# general configuration parameters +# + SecRuleEngine On SecRequestBodyAccess On SecResponseBodyAccess Off @@ -21,3 +38,12 @@ SecRequestBodyLimit 131072 SecRequestBodyInMemoryLimit 131072 SecResponseBodyLimit 524288 +# +# data storages +# + +SecDataDir @l_prefix@/var/apache-security/data +SecTmpDir @l_prefix@/var/apache-security/tmp +SecUploadDir @l_prefix@/var/apache-security/upload +SecUploadKeepFiles off + diff --git a/apache-security/apache-security.spec b/apache-security/apache-security.spec index c991b7905c..5ea5f4f559 100644 --- a/apache-security/apache-security.spec +++ b/apache-security/apache-security.spec @@ -71,7 +71,12 @@ AutoReqProv: no %prep %setup -q -n modsecurity-apache_%{V_module} ( cd rules - %{l_gzip} -d -c %{SOURCE modsecurity-core-rules_%{V_rules}.tar.gz} | %{l_tar} xf - + %{l_gzip} -dc %{SOURCE modsecurity-core-rules_%{V_rules}.tar.gz} | %{l_tar} xf - + + # remove config rule set of the ModSecurity core rule set as + # we handle those setting in our default configuration file + # 'apache-security.conf' already + rm -f modsecurity_crs_10_config.conf ) || exit $? %patch -p0 
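Review bot: The two IDs in `SecRuleRemoveById 950907 \ 960015` are exempted as "false positives" without saying which rule each one is or what legitimate traffic tripped it, so nobody can later tell whether an exemption is still needed after a CRS update. Put one comment per ID above the directive, e.g. `# 950907: <rule name from modsecurity_crs_*.conf> -- false positive on <request type>`. SecRuleRemoveById only affects rules already loaded, so it must stay after the `Include @l_prefix@/etc/apache-security/modsecurity_crs_*.conf` line as it does here; a one-line comment stating that would keep a future reordering from silently reinstating the rules. The comment text `definied in an too generic way` should read `defined in a too generic way`.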
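Review bot: `SecDataDir`, `SecTmpDir` and `SecUploadDir` only work if the httpd worker uid can write to them, and nothing in this block says who that is; the spec in the same commit packages the directories as 0770 owned by the superuser with a shared group, so the worker has to be in that group or persistent collections and request-body spooling fail at request time with nothing but an error-log entry. A comment above the block, e.g. `# these directories must be writable by the httpd worker (see %attr in apache-security.spec)`, would make that dependency explicit. `SecUploadKeepFiles off` is the right default; if it is ever switched on, the upload directory holds client-supplied files and the shared-group 0770 mode widens who can read them, which is worth noting next to the directive.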
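Review bot: Removing `modsecurity_crs_10_config.conf` also drops the `SecDefaultAction` that file carries, and neither conf hunk in this commit shows a replacement; if apache-security.conf does not set one elsewhere (outside the hunks shown), every CRS rule without an explicit disruptive action falls back to ModSecurity's built-in default `phase:2,log,auditlog,pass`, i.e. detection only. Either add a `SecDefaultAction` to apache-security.conf or extend the comment here to say where it now lives, e.g. `# SecDefaultAction and the other 10_config settings are set in apache-security.conf`. The `rm -f` runs after the extraction inside the `( cd rules ... ) || exit $?` subshell, so the removal itself is safe. The comment's `those setting` should read `those settings`.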
@@ -94,14 +99,29 @@ AutoReqProv: no %{l_shtool} install -c -m 755 \ apache2/.libs/mod_security2.so \ $RPM_BUILD_ROOT%{l_prefix}/libexec/apache/mod_security.so - %{l_shtool} install -c -m 755 \ + %{l_shtool} install -c -m 755 %{l_value -s -a} \ %{SOURCE apache-security.conf} \ $RPM_BUILD_ROOT%{l_prefix}/etc/apache/apache.d/ + # install core rule sets + %{l_shtool} mkdir -f -p -m 755 \ + $RPM_BUILD_ROOT%{l_prefix}/etc/apache-security + %{l_shtool} install -c -m 644 %{l_value -s -a} \ + rules/modsecurity_crs_*.conf \ + $RPM_BUILD_ROOT%{l_prefix}/etc/apache-security/ + + # create directories for logs and data storages + %{l_shtool} mkdir -f -p -m 755 \ + $RPM_BUILD_ROOT%{l_prefix}/var/apache-security/{data,log,tmp,upload} + # determine installation files %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \ %{l_files_std} \ - '%config %{l_prefix}/etc/apache/apache.d/apache-security.conf' + '%config %{l_prefix}/etc/apache/apache.d/apache-security.conf' \ + '%config %{l_prefix}/etc/apache-security/*' \ + '%dir %attr(0770,%{l_susr},%{l_ngrp}) %{l_prefix}/var/apache-security/data' \ + '%dir %attr(0770,%{l_susr},%{l_ngrp}) %{l_prefix}/var/apache-security/tmp' \ + '%dir %attr(0770,%{l_susr},%{l_ngrp}) %{l_prefix}/var/apache-security/upload' %files -f files
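Review bot: The `mkdir` on the new side creates `var/apache-security/{data,log,tmp,upload}`, but the `%{l_rpmtool} files` list only declares `%dir %attr(0770,%{l_susr},%{l_ngrp})` entries for data, tmp and upload; `log` is packaged with whatever `%{l_files_std}` assigns (presumably root-owned 0755), so the worker cannot write audit or debug logs into it. Add a matching entry, `'%dir %attr(0770,%{l_susr},%{l_ngrp}) %{l_prefix}/var/apache-security/log'`, or drop `log` from the brace list if no log directive points at it (none appears in the conf hunks of this commit). A comment above `# create directories for logs and data storages` naming the run user these directories are group-writable for would document why 0770 was chosen. The conf file is still installed with `-m 755` while the rule files get `-m 644`; 0644 would be the consistent mode for a configuration file.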