--- /dev/null
+## Begin - Generated by CARNet package mod-security-cn
+#
+# REMOVE this whole block if you DON'T WANT mod-security-cn
+# to edit your configuration file.
+#
+## End - Generated by CARNet package mod-security-cn
+
+<IfModule mod_security2.c>
+
+ # Skip RBL lookup for localhost, 161.53.0.0/16, 193.198.0.0/16 and 82.132.0.0/17.
+ SecRule REMOTE_ADDR "^(127\.0\.0\.1|161\.53\.\d{1,3}\.\d{1,3}|193\.198\.\d{1,3}\.\d{1,3}|82\.132\.(\d{1,2}|10\d{1}|11\d{1}|12[0-7]{1})\.\d{1,3})$" "phase:2,pass,nolog,t:none,skip:1"
+
+ # RBL lookup using xbl.dnsbl-sh.carnet.hr.
+ SecRule REMOTE_ADDR "@rbl xbl.dnsbl-sh.carnet.hr" "phase:2,deny,log,status:500,t:none,msg:'RBL: xbl.dnsbl-sh.carnet.hr',severity:'1'"
+
+</IfModule>