<% if @mod_security.to_s == 'true' -%> SecRuleEngine On <% if @mod_security_relevantonly.to_s == 'true' -%> SecAuditEngine RelevantOnly <% else -%> SecAuditEngine On <% end -%> <% else -%> SecRuleEngine Off SecAuditEngine Off <% end -%> SecAuditLogType Concurrent SecAuditLogStorageDir <%= @logdir %>/ SecAuditLog <%= @logdir %>/mod_security_audit.log SecDebugLog <%= @logdir %>/mod_security_debug.log <% unless (disabled_rules=Array(@mod_security_rules_to_disable)).empty? -%> <% disabled_rules.each do |rule| -%> SecRuleRemoveById "<%= rule %>" <% end -%> <% end -%> <% unless (s=@mod_security_additional_options).to_s == 'absent' -%> <%= s %> <% end -%>