====== ModSecurity ======

==== Basic config ====

   # Turn the filtering engine On or Off
   SecFilterEngine On
  
   # Make sure that URL encoding is valid
   SecFilterCheckURLEncoding On
   
   # Unicode encoding check
   SecFilterCheckUnicodeEncoding On
   
   # Only allow bytes from this range
   SecFilterForceByteRange 0 255
   
   # Only log actionable requests
   SecAuditEngine RelevantOnly
   
   # The name of the audit log file
   SecAuditLog /var/log/apache2/audit_log
   
   # Debug level set to a minimum
   SecFilterDebugLog /var/log/apache2/modsec_debug_log
   SecFilterDebugLevel 2
   
   # Should mod_security inspect POST payloads
   SecFilterScanPOST On
   
   # By default log and deny suspicious requests
   # with HTTP status 500
   SecFilterDefaultAction "deny,log,status:500"
   
   # Add custom secfilter rules here

===== Changing Apache Server Name To Whatever  =====

''**/etc/apache2/conf.d/security**'' 
<code>
..
ServerTokens Full
SecServerSignature "Whateveryouwnat"
</code>