SecRuleEngine On
SecDebugLog "c:\temp\debug.log"
SecDebugLogLevel 9
SecAuditLogType Serial

# Directory where the files will be stored
# MUST NOT BE THE SAME AS THE APACHE LOGS FOLDER
SecAuditLogStorageDir c:\temp

# The index of all files created
# YOU MUST NOT ALLOW NON-ROOT USERS TO WRITE
# TO THE BASE FOLDER
SecAuditLog c:\temp\index.log

# Choose what to log – everything (default is ABCFHZ)
SecAuditLogParts ABCDEFGHZ

SecAuditEngine On
SecDefaultAction "phase:1,deny,log,status:403"

Include c:\inetpub\wwwroot\crs\mod*.conf

SecResponseBodyAccess On
SecStreamOutBodyInspection On
SecRequestBodyAccess On
SecStreamInBodyInspection On
SecContentInjection On