Maldet Configuration Questions

I have setup this according to readme file of maldet

rfxn.com/appdocs/README.maldetect

but it seems that its not working as one of wordpress uploaded yesterday on our hosting vps, seems infected today. while scanning with maldet, 4 infected files found.

I have 2 question, readme file said that

1. To enable upload scanning with mod_security2 you must set enable the public_scan option in conf.maldet (public_scan=1)

but i don't find that line anywhere in conf.maldet (public_scan=1)

will it mean

Code:

"# Allows non-root users to perform scans. This must be enabled when
# using mod_security2 upload scanning or if you want to allow users
# to perform scans. When enabled, this will populate 'pub/' with user
# owned quarantine, session and temporary paths to faciliate scans.
# [ 0 = disabled, 1 = enabled, disabled by default ]
scan_user_access="1"

2. These rules are best placed in your modsec2.user.conf file on cpanel servers
or at the top of the appropraite rules file for your setup.
/usr/local/apache/conf/modsec2.user.conf (or similar mod_security2 rules file):

Code:

SecRequestBodyAccess On
SecRule FILES_TMPNAMES "@inspectFile /usr/local/maldetect/hookscan.sh" \
                "id:'999999',log,auditlog,deny,severity:2,phase:2,t:none"

i place it in same manner (with line break) in modsec2.user.conf file - is it correct or not