diff --git a/doc/modsecurity2-apache-reference.xml b/doc/modsecurity2-apache-reference.xml
index 42123eac..8b1fb448 100644
--- a/doc/modsecurity2-apache-reference.xml
+++ b/doc/modsecurity2-apache-reference.xml
@@ -167,12 +167,11 @@
ModSecurity is available under two licenses. Users can choose to
use the software under the terms of the GNU General Public License
- (http://www.gnu.org/licenses/gpl.html),as
- an Open Source / Free Software product. A range of commercial licenses
- is also available, together with a range of commercial support
- contracts. For more information on commercial licensing please contact
- Breach Security.
+ version 2 (licence text is included with the distribution),as an Open
+ Source / Free Software product. A range of commercial licenses is also
+ available, together with a range of commercial support contracts. For
+ more information on commercial licensing please contact Breach
+ Security.
ModSecurity, mod_security, and ModSecurity Pro are trademarks or
@@ -1037,12 +1036,13 @@ SecAuditLogStorageDir logs/audit
Development of a state of the art external protection tool will be
a focus of subsequent ModSecurity releases. However, a fully functional
tool is already available as part of the Apache httpd tools project
- (http://www.apachesecurity.net/tools/). The
- tool is called httpd-guardian and can be used to defend against Denial
- of Service attacks. It uses the blacklist tool (from the same project)
- to interact with an iptables-based (Linux) or pf-based (*BSD) firewall,
- dynamically blacklisting the offending IP addresses. It can also
- interact with SnortSam (http://www.snortsam.net). Assuming
+ (http://www.apachesecurity.net/tools/).
+ The tool is called httpd-guardian and can be used to defend against
+ Denial of Service attacks. It uses the blacklist tool (from the same
+ project) to interact with an iptables-based (Linux) or pf-based (*BSD)
+ firewall, dynamically blacklisting the offending IP addresses. It can
+ also interact with SnortSam (http://www.snortsam.net). Assuming
httpd-guardian is already configured (look into the source code for the
detailed instructions) you only need to add one line to your Apache
configuration to deploy it:
@@ -1878,10 +1878,12 @@ SecRule HTTP_Host "!^$" "deny,phase:1"id_: SecRule ARGS:/^id_/ dirty
-
- In ModSecurity 1.X, the ARGS variable stood
- for QUERY_STRING + POST_PAYLOAD,
- whereas now it expands to to individual variables.
+
+
+ In ModSecurity 1.X, the ARGS variable stood
+ for QUERY_STRING + POST_PAYLOAD,
+ whereas now it expands to to individual variables.
+
@@ -4030,7 +4032,7 @@ SecRule XML:/soap:Envelope/soap:Body/q1:getInput/id() "123" phase:2,denyPCRE_DOLLAR_ENDONLY flags are set
during compilation, meaning a single dot will match any character,
including the newlines and a $
- end anchor will not match a trailing newline charater.
+ end anchor will not match a trailing newline charater.
@@ -4173,4 +4175,4 @@ SecRule XML "@validateSchema /path/to/apache2/conf/xml.xsd
-
+
\ No newline at end of file