From 3bc3b925d9dbd05552d21b7465731d3b823eb515 Mon Sep 17 00:00:00 2001
From: Scott Ullrich <sullrich@gmail.com>
Date: Tue, 23 Jun 2009 14:00:21 -0400
Subject: Add more mod_security bits

---
 config/apache_mod_security/apache_mod_security.inc | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/config/apache_mod_security/apache_mod_security.inc b/config/apache_mod_security/apache_mod_security.inc
index 4d0402be..cf39e467 100644
--- a/config/apache_mod_security/apache_mod_security.inc
+++ b/config/apache_mod_security/apache_mod_security.inc
@@ -169,17 +169,37 @@ EOF;
     # Turn the filtering engine On or Off
     SecFilterEngine On
 
+	# XXX Add knobs for these
+	SecRuleEngine On
+	SecRequestBodyAccess On
+	SecResponseBodyAccess On
+	
+	# XXX Add knobs for these
+	SecRequestBodyInMemoryLimit 131072
+	SecRequestBodyLimit 10485760
+
+	SecResponseBodyMimeTypesClear
+	SecResponseBodyMimeType (null) text/plain text/html text/css text/xml
+
+	# XXX Add knobs for these
+	SecUploadDir /var/spool/apache/private
+	SecUploadKeepFiles Off
+
+	# XXX Add knobs for these
     # The audit engine works independently and
     # can be turned On of Off on the per-server or
     # on the per-directory basis
     SecAuditEngine RelevantOnly
 
+	# XXX Add knobs for these
     # Make sure that URL encoding is valid
     SecFilterCheckURLEncoding On
 
+	# XXX Add knobs for these
     # Unicode encoding check
     SecFilterCheckUnicodeEncoding On
 
+	# XXX Add knobs for these
     # Only allow bytes from this range
     SecFilterForceByteRange 1 255
 
-- 
cgit v1.2.3