Include /etc/nginx/modsec/modsecurity.conf
Include /etc/nginx/modsec/owasp-modsecurity-crs/crs-setup.conf
Include /etc/nginx/modsec/owasp-modsecurity-crs/rules/*.conf

# Basic test rule
# Source: https://www.nginx.com/blog/compiling-and-installing-modsecurity-for-open-source-nginx/
SecRule ARGS:testparam "@contains test" "id:1234,deny,status:403"

# Allow PUT and DELETE methods
SecAction "id:900200,phase:1,nolog,pass,t:none,setvar:'tx.allowed_methods=DELETE GET HEAD POST PUT OPTIONS'"