diff --git a/README.md b/README.md
index 8514e0e..60df054 100644
--- a/README.md
+++ b/README.md
@@ -307,6 +307,7 @@ If set to yes, ClamAV will automatically remove the detected files.
 ## TODO
 - Default CSP
 - Custom Dockerfile based on bunkerized-nginx
+- Auth basic
 - Documentation
 - Custom TLS certificates
 - HSTS preload, HPKP
diff --git a/confs/modsecurity-clamav.conf b/confs/modsecurity-clamav.conf
index 3c2999d..001f524 100644
--- a/confs/modsecurity-clamav.conf
+++ b/confs/modsecurity-clamav.conf
@@ -1,2 +1,4 @@
+SecUploadDir /tmp
+SecUploadKeepFiles Off
 SecRule FILES_TMPNAMES "@inspectFile /opt/scripts/clamav.sh" \
-"phase:2,t:none,block,msg:'Virus found in uploaded file',id:'399999'"
+"phase:2,t:none,deny,msg:'Virus found in uploaded file',id:'399999'"
diff --git a/scripts/clamav.sh b/scripts/clamav.sh
index 39f66ec..145cc7a 100644
--- a/scripts/clamav.sh
+++ b/scripts/clamav.sh
@@ -1,7 +1,7 @@
 #!/bin/sh
-output=$(clamscan -i --no-summary "$1" 2> /dev/null)
-
+output=$(clamscan -i --no-summary $1 2> /dev/null)
+rm -f $1
 if echo "$output" | grep -q ".* FOUND$" ; then
 echo "0 clamscan: $output"
 else
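Review bot: `SecUploadDir /tmp` in confs/modsecurity-clamav.conf places every request's upload temp files in a world-writable directory shared with all other local processes. A dedicated directory owned by the web-server user and closed to other users would be safer, e.g. `SecUploadDir <dedicated-upload-dir>` (placeholder path; it has to be on the same filesystem as SecTmpDir). With `SecUploadKeepFiles Off`, ModSecurity already discards the temp files when the transaction ends, so the `rm -f $1` added to scripts/clamav.sh in this same commit looks redundant and is worth confirming. A comment above the two directives, such as `# upload temp files are handed to clamav.sh via FILES_TMPNAMES and discarded after the transaction`, would record why they sit next to the SecRule.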