You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
49 lines
1.3 KiB
49 lines
1.3 KiB
## |
|
## apache-security.conf -- Apache configuration for mod_security |
|
## |
|
|
|
LoadModule security2_module @l_prefix@/libexec/apache/mod_security.so |
|
|
|
# |
|
# core rule sets |
|
# |
|
|
|
# include core rule sets |
|
Include @l_prefix@/etc/apache-security/modsecurity_crs_*.conf |
|
|
|
# remove rules of the core rule set which have been proven to trigger |
|
# false positives, mostly because they are definied in an too generic |
|
# way |
|
SecRuleRemoveById 950907 \ |
|
960015 |
|
|
|
# |
|
# general configuration parameters |
|
# |
|
|
|
SecRuleEngine On |
|
SecRequestBodyAccess On |
|
SecResponseBodyAccess Off |
|
|
|
SecDebugLog @l_prefix@/var/apache/log/security-debug.log |
|
SecDebugLogLevel 0 |
|
|
|
SecAuditEngine RelevantOnly |
|
SecAuditLogRelevantStatus ^5 |
|
SecAuditLogParts ABIFHZ |
|
SecAuditLogType Serial |
|
SecAuditLog @l_prefix@/var/apache/log/security-audit.log |
|
|
|
SecRequestBodyLimit 131072 |
|
SecRequestBodyInMemoryLimit 131072 |
|
SecResponseBodyLimit 524288 |
|
|
|
# |
|
# data storages |
|
# |
|
|
|
SecDataDir @l_prefix@/var/apache-security/data |
|
SecTmpDir @l_prefix@/var/apache-security/tmp |
|
SecUploadDir @l_prefix@/var/apache-security/upload |
|
SecUploadKeepFiles Off |
|
|
|
|