Released new COMODO ModSecurity rules with
improved files structure.
Now you can disable not required protection by pressing 'Edit' button in Security Center -> ModSecurity™ Vendors (Home »Security Center »Select Vendor Rule Sets)
Switch config file status from 'On' to 'Off' to disable this rules group.
Here is groups description:
Init_Initialization.conf - ModSecurity Initialization. Please do not disable this group.
Global_Generic.conf - Generic protection
Global_Agents.conf - Detecting bots and scanners
Global_Domains.conf - Detecting malicious domains
Global_Exceptions.conf - Protocol violation attacks
Global_Incoming.conf - Attacks targeting OSVDB flagged resource
Global_Backdoor.conf - Access backdoor/trojans possibly injected
XSS_XSS.conf - Detecting Cross Site Scripting vulnerabilities
Global_Other.conf - Various checks without group
Bruteforce_Bruteforce.conf - Bruteforce protection
HTTP_HTTP.conf - Generic HTTP protection
HTTP_HTTPDoS.conf - Denial-of-service attacks protection
HTTP_Protocol.conf - Detecting protocol violations
HTTP_Request.conf - Checking HTTP request
Outgoing_FilterGen.conf - Generic information reveal
Outgoing_FilterASP.conf - ASP/JSP source code leakage
Outgoing_FilterPHP.conf - PHP information disclosure
Outgoing_FilterIIS.conf - Microsoft's IIS information leakage
Outgoing_FilterSQL.conf - SQL information reveal
Outgoing_FilterOther.conf - Other apps information disclosure
Outgoing_FilterInFrame.conf - Various 'iframe' cheсks
Outgoing_FiltersEnd.conf - Checking traffic points
PHP_PHPGen.conf - Generic PHP protection
SQL_SQLi.conf - SQL Injection protection
Init_AppsInitialization.conf - Initialization Web Applications variables. Do not disable this group.
Apps_Joomla.conf - Joomla! protection
Apps_JComponent.conf - Joomla! components protection
Apps_WordPress.conf - WordPress protection
Apps_WPPlugin.conf - WordPress Plugins protection
Apps_WHMCS.conf - WHMCS protection
Apps_Drupal.conf - Drupal protection
Apps_OtherApps.conf - Other Web Applications protection