I have ModSecurity installed and enabled for scanning and blocking but it does not block anything. Tried different rule sets including basic and paid Atomic and Comodo. Rule sets are downloaded fine to /etc/httpd/conf/modsecurity.d/rules/. It does write to modsec_audit.log but doesn't give 403...