https://sourceforge.net/projects/mod-security/files/modsecurity-crs/0-CURRENT/

CHANGE LOG -

Version 2.1.0 - 12/29/2010

Improvements:
- Added Experimental Lua Converter script to normalize payloads. Based on
  PHPIDS Converter code and it used with the advanced filters conf file.
- Changed the name of PHPIDS converted rules to Advanced Filters
- Added Ignore Static Content (Performance enhancement) rule set
- Added XML Enabler (Web Services) rule set which will parse XML data
- Added Authorized Vulnerability Scanning (AVS) Whitelist rule set
- Added Denial of Service (DoS) Protection rule set
- Added Slow HTTP DoS (Connection Consumption) Protection rule set
- Added Brute Force Attack Protection rule set
- Added Session Hijacking Detection rule set
- Added Username Tracking rule set
- Added Authentication Tracking rule set
- Added Anti-Virus Scanning of File Attachments rule set
- Added AV Scanning program to /util directory
- Added Credit Card Usage Tracking/Leakage Prevention rule set
- Added experimental CC Track/PAN Leakage Prevention rule set
- Added an experimental_rules directory to hold new BETA rules
- Moved the local exceptions conf file back into base_rules dirctory however
  it has a ".example" extension to prevent overwriting customized versions
  when upgrading
- Separated out HTTP Parameter Pollution and Restricted Character Anomaly Detection rules to
  the experimental_rules directory
- Adding the REQUEST_HEADERS:User-Agent macro data to the initcol in 10 config file, which will
  help to make collections a bit more unique