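# ModSecurity configuration (2.x directive set).
#
# NOTE(review): the original file mixed ModSecurity 1.x directives (SecFilter,
# SecFilterSelective, SecFilterCheckURLEncoding, SecFilterCheckUnicodeEncoding,
# SecFilterScanPOST) with 2.x directives (SecRuleEngine, SecRequestBodyAccess,
# SecRequestBodyLimit, ...). A 2.x module rejects the 1.x directives at start-up,
# so each 1.x filter is expressed below as the equivalent SecRule. The patterns
# themselves are kept as the author wrote them (one regex typo fixed, see below).
# Rule ids are constructed local values; keep them unique across your rule set.

# Basic configuration options
SecRuleEngine On
SecRequestBodyAccess On
# On (was Off): the RESPONSE_BODY rule at the end of this file can only inspect
# output when response body access is enabled; with Off that rule never fires.
SecResponseBodyAccess On

# Debug log (level 0 = disabled; raise it temporarily when troubleshooting)
SecDebugLog /var/log/httpd/modsec_debug.log
SecDebugLogLevel 0

# Make sure URL Encoding/Decoding is valid
# (2.x form of SecFilterCheckURLEncoding / SecFilterCheckUnicodeEncoding;
#  phase:2 so that POST arguments are already available to the check)
SecRule REQUEST_URI|ARGS|ARGS_NAMES "@validateUrlEncoding" \
    "id:1001,phase:2,deny,log,msg:'Invalid URL encoding'"
SecRule REQUEST_URI|ARGS|ARGS_NAMES "@validateUtf8Encoding" \
    "id:1002,phase:2,deny,log,msg:'Invalid UTF-8 encoding'"

# Check POST payload: SecFilterScanPOST is covered by SecRequestBodyAccess On
# above; the rules below run in phase:2 so they see the buffered body.
# NOTE(review): 1.x SecFilter matched the request as a whole; REQUEST_URI|ARGS|
# REQUEST_BODY is the closest 2.x target set — TODO confirm it covers what the
# original deployment relied on (request headers are not included here).

# Prevent XSS Attacks
# NOTE(review): this pattern denies any request that contains a '<' anywhere,
# so expect false positives on legitimate input; kept as the author wrote it.
SecRule REQUEST_URI|ARGS|REQUEST_BODY "@rx <(.|\n)+" \
    "id:1003,phase:2,deny,log,msg:'XSS filter'"

# Prevent SQL injection
# t:lowercase added so that 'DELETE FROM' / 'Insert Into' are caught as well;
# the original pattern only matched lower-case keywords.
SecRule REQUEST_URI|ARGS|REQUEST_BODY "@rx (delete|insert)[[:space:]]+(from|into)" \
    "id:1004,phase:2,t:lowercase,deny,log,msg:'SQL injection filter'"

# Prevent SSI Injection
# NOTE(review): the '|#' alternative denies any request containing a '#';
# kept as written, but it is a common source of false positives.
SecRule REQUEST_URI|ARGS|REQUEST_BODY "@rx \<\!--|#" \
    "id:1005,phase:2,deny,log,msg:'SSI injection filter'"

# Filter out the keywords /bin, /etc and /usr
# (one rule with alternation replaces the three separate SecFilter lines)
SecRule REQUEST_URI|ARGS|REQUEST_BODY "@rx /(bin|etc|usr)" \
    "id:1006,phase:2,deny,log,msg:'System path keyword'"

# Maximum request body size we will accept for buffering
SecRequestBodyLimit 131072
# Store up to 128 KB in memory
SecRequestBodyInMemoryLimit 131072
# Buffer response bodies of up to 512 KB in length
SecResponseBodyLimit 524288

# Set Server Signature
# NOTE(review): only takes effect when Apache's ServerTokens is set to Full;
# with a lower ServerTokens level the replacement cannot be applied.
SecServerSignature "Fedora Web Server"

# Inspect the output for keywords "Deface, hacked/h4cked, own/0wn".
# Once a keyword has been detected, redirect the client elsewhere so they
# don't get to see the defacer's message.
# Pattern fix: the original read 'h[a4]ck]' — the stray ']' made it require a
# literal ']' after 'hack', so 'hacked'/'h4cked' never matched.
# 'deny' dropped: a rule takes a single disruptive action, and redirect is the
# one the comment asks for. Runs in phase:4 (response body), which needs
# SecResponseBodyAccess On above.
SecRule RESPONSE_BODY "@rx (deface|h[a4]ck|[o0]wn\.)" \
    "id:1007,phase:4,t:lowercase,log,redirect:http://fedoraproject.org"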