Wednesday, September 23, 2009

Mod_Security whitelist ip

SkyHi @ Wednesday, September 23, 2009
Mod_security white list:

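You can also add a whitelist to this module. To do so, add the following lines to modsecurity_crs_10_config.conf. The rule matches the client address in phase 1 and sets ctl:ruleEngine=Off, so requests from that address are not inspected by any later rule: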



#Whitelist Apache logs


SecRule REMOTE_ADDR "^192\.2\.1\.1$" phase:1,nolog,allow,ctl:ruleEngine=Off
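
An added example (not from the original post): a Python check that reads REMOTE_ADDR whitelist rules like the one above and lists other addresses the regex would also accept, which is what happens when the ^ or $ anchor is left out. The 10.0.0.5 rule and the function names are constructed for illustration, and Python's re module stands in for ModSecurity's regex matching.

```python
import ipaddress
import re

# SecRule REMOTE_ADDR "<regex>" ...; the default regex operator is assumed.
RULE_RE = re.compile(r'^\s*SecRule\s+REMOTE_ADDR\s+"([^"@][^"]*)"', re.MULTILINE)

def intended_ip(pattern):
    """Recover the literal IPv4 address a simple whitelist regex was written for."""
    literal = pattern.strip("^$").replace("\\", "")
    try:
        return str(ipaddress.IPv4Address(literal))
    except ValueError:
        return None  # not a single-address pattern; out of scope here

def extra_matches(pattern):
    """Return addresses other than the intended one that the regex also accepts.

    Candidates vary only the first and last octet, which is where a missing
    ^ or $ anchor shows up. re.search is used because the regex operator
    matches anywhere in the value unless the pattern is anchored
    (assumption: Python and ModSecurity agree for patterns this simple).
    """
    ip = intended_ip(pattern)
    if ip is None:
        return None
    a, b, c, d = ip.split(".")
    candidates = {f"{x}.{b}.{c}.{d}" for x in range(256)}
    candidates |= {f"{a}.{b}.{c}.{x}" for x in range(256)}
    candidates.discard(ip)
    rx = re.compile(pattern)
    hits = [addr for addr in candidates if rx.search(addr)]
    return sorted(hits, key=ipaddress.IPv4Address)

def audit(config_text):
    """Map each REMOTE_ADDR regex in config_text to its unintended matches."""
    return {p: extra_matches(p) for p in RULE_RE.findall(config_text)}

# Constructed sample: the page's rule, the same rule without $, and a
# made-up rule without ^.
SAMPLE = r'''
SecRule REMOTE_ADDR "^192\.2\.1\.1$" phase:1,nolog,allow,ctl:ruleEngine=Off
SecRule REMOTE_ADDR "^192\.2\.1\.1" phase:1,nolog,allow,ctl:ruleEngine=Off
SecRule REMOTE_ADDR "10\.0\.0\.5$" phase:1,nolog,allow,ctl:ruleEngine=Off
'''

if __name__ == "__main__":
    for pattern, extra in audit(SAMPLE).items():
        print(f"{pattern!r}: {len(extra)} unintended address(es)", extra[:5])
```

The fully anchored rule from the page accepts only its own address; an empty list for every rule is the result to aim for before reloading Apache.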




#SecResponseBodyLimit

You can increase SecResponseBodyLimit if you get a message like:

"ModSecurity: Output filter: Response body too large (over limit of 524288, total not specified)".

Open the modsecurity_crs_10_config.conf file and, on the last line, change the value "524288" to "2097152":


SecRequestBodyAccess On
SecResponseBodyAccess On
SecResponseBodyMimeType (null) text/html text/plain text/xml
SecResponseBodyLimit 2097152


Reference: http://www.starhost.ro/Linux-Tutorials/modsecurity-install.html


OR

Change 524288 to a larger value, or set the option ‘SecResponseBodyAccess’ to Off, then save the file and restart Apache:

apachectl restart


Reference: http://www.honyi.tw/hy-bb3/viewtopic.php?f=10&t=75

#cat modsecurity_crs_10_config.conf

# Set web server identification string
#
# TODO In case you use Apache, you may want specify a simple server signature
# instead of the detailed Apache default signature that list most modules
# used on the specific Apache deployment:
# "Apache/2.2.0 (Fedora)"
# For this directive to work, you need to set Apache ServerTokens
# to Full (this is the default option)
#SecServerSignature "Apache/2.2.0 (Fedora)"

vi /etc/httpd/modsecurity.d/modsecurity_crs_10_config.conf
SecRequestBodyAccess On
#SecResponseBodyAccess Off
SecResponseBodyLimit 2097152