The-World-Is-Yours/static/modsec/l7.conf

    testcookie off;
    testcookie_name DOPEHOSTING;
    testcookie_secret random;
    testcookie_session $remote_addr;
    #testcookie_arg GO;
    testcookie_httponly_flag on;
    testcookie_max_attempts 3;
    testcookie_secure_flag on;
    testcookie_get_only on;
    testcookie_p3p 'CP="CUR ADM OUR NOR STA NID", policyref="/w3c/p3p.xml"';
    testcookie_fallback /cookies.html?backurl=$scheme://$host$request_uri;

    # Those are some ip's whitelisted by me. mostly are search engines. But not everything!
    testcookie_whitelist {
        8.8.8.8/32;
        127.0.0.1/32;
        # I don't suggest using alot of IPs here as this whitelist can fail!.
    }
    testcookie_redirect_via_refresh on;
    testcookie_refresh_encrypt_cookie on;
    testcookie_refresh_encrypt_cookie_key random;
    testcookie_refresh_encrypt_cookie_iv random;
    testcookie_refresh_template '<html><head><meta http-equiv="refresh" content="0; $testcookie_nexturl"><title>Just a moment please...</title></head><body> </script><script src="//ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script><script type=\"text/javascript\" src="//raw.githubusercontent.com/theraw/The-World-Is-Yours/focal-patch/static/modsec/aes.min.js" ></script><script>function toNumbers(d){var e=[];d.replace(/(..)/g,function(d){e.push(parseInt(d,16))});return e}function toHex(){for(var d=[],d=1==arguments.length&&arguments[0].constructor==Array?arguments[0]:arguments,e="",f=0;f<d.length;f++)e+=(16>d[f]?"0":"")+d[f].toString(16);return e.toLowerCase()}var a=toNumbers("$testcookie_enc_key"),b=toNumbers("$testcookie_enc_iv"),c=toNumbers("$testcookie_enc_set");document.cookie="DOPEHOSTING="+toHex(slowAES.decrypt(c,2,a,b))+"; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/";</script></body></html>';