====== mod_security tips and tricks ======
Mod_security engine is built-into LiteSpeed lshttpd binary, which is already an optimized implementation. No further compiling or installation required. 

Mod_security engine follows Apache's SecAuditLog. Please also make sure the file is writable by "nobody" user.

Even though we try hard to be compatible with most popular mod_security rules, at the moment, customers still experience some incompatibility issues from time to time. [[litespeed_wiki:config:mod_security-compatibility|Here]] we have addressed the issues. However, to help workaround them, we create this list of tips and tricks. Hopefully, their lives become easier before the issues get resolved permanently.

  * @inspectFile (http://www.litespeedtech.com/support/forum/showpost.php?p=46121&postcount=3 by ElliotP)

**@inspectFile support added as of LSWS 5.1.**

Some alternatives:

<file>
With CXS (http://configserver.com/cp/cxs.html) if you use the CXS Watch feature, 
it will listen for new and modified files and scan them anyway, so you get the 
same result, without needing @inspectFile
</file>

<file>
There is another free alternative, through PHP suhosin upload.verification_script
https://suhosin.org/stories/configuration.html#suhosin-upload-verification-script

</file>