SecUploadDir /tmp
SecUploadKeepFiles On
SecRule FILES_TMPNAMES "@inspectFile /opt/scripts/clamav.sh" \
"phase:2,t:none,deny,msg:'Virus found in uploaded file',id:'399999'"