It wasn't located there, as it was installed with easy apache 3, rather than with the plugin system. However, I did locate it in CSF:
Originally Posted by ChrisRHS
When clicking edit, it shows:
If I am reading this right, it looks like I should copy and paste the rules from http://403security.org/files/modsec_rules.txt into /usr/local/apache/conf/modsec2.user.conf
LoadModule security2_module modules/mod_security2.so
# See http://www.modsecurity.org/documentation/ModSecurity-Migration-Matrix.pdf
# "Add the rules that will do exactly the same as the directives"
# SecFilterCheckURLEncoding On
# SecFilterForceByteRange 0 255
SecRule REMOTE_ADDR "^127.0.0.1$" nolog,allow
Is that correct? What about the configuration settings?
and such. There are many more listed on 403security.org than in the CSF config. Do I just copy the whole file from 403security and put it in the conf, and it will override any dupes in the CSF configuration?