#SecRule TX:HIGH_RISK_COUNTRY_CODES "!@rx ^$" \
#    "id:910100,\
#    phase:2,\
#    block,\
#    t:none,\
#    msg:'Client IP is from a HIGH Risk Country Location.',\
#    logdata:'%{MATCHED_VAR}',\
#    tag:'application-multi',\
#    tag:'language-multi',\
#    tag:'platform-multi',\
#    tag:'attack-reputation-ip',\
#    tag:'paranoia-level/1',\
#    severity:'CRITICAL',\
#    chain"
#    SecRule TX:REAL_IP "@geoLookup" \
#        "chain"
#        SecRule GEO:COUNTRY_CODE "@within %{tx.high_risk_country_codes}" \
#            "setvar:'tx.anomaly_score_pl1=+%{tx.critical_anomaly_score}',\
#            setvar:'ip.reput_block_flag=1',\
#            setvar:'ip.reput_block_reason=%{rule.msg}',\
#            expirevar:'ip.reput_block_flag=%{tx.reput_block_duration}'"