mod_security configuration files
1. /etc/httpd/conf.d/mod_security.conf - main configuration file for the mod_security Apache module.
2. /etc/httpd/modsecurity.d/ - all other configuration files for the mod_security Apache.
3. /etc/httpd/modsecurity.d/modsecurity_crs_10_config.conf - Configuration contained in this file should be customized for your specific requirements before deployment.
4. /var/log/httpd/modsec_debug.log - Use debug messages for debugging mod_security rules and other problems.
5. /var/log/httpd/modsec_audit.log - All requests that trigger a ModSecurity events (as detected) or a serer error are logged ("RelevantOnly") are logged into this file.
Open /etc/httpd/modsecurity.d/modsecurity_crs_10_config.conf file, enter:
# vi /etc/httpd/modsecurity.d/modsecurity_crs_10_config.conf
Make sure SecRuleEngine set to "On" to protect webserver for the attacks:
SecRuleEngine On
Reference: http://www.cyberciti.biz/faq/rhel-fedora-centos-httpd-mod_security-configuration/