diff --git a/conf/modsecurity.conf b/conf/modsecurity.conf
index 927966b..15a9cf3 100644
--- a/conf/modsecurity.conf
+++ b/conf/modsecurity.conf
@@ -11,6 +11,10 @@ SecAuditLog /var/log/modsecurity/audit.log
 SecRule REQUEST_URI|ARGS "(?i:(?:select|insert|update|delete|drop|union|create|alter|truncate)\s+.+\s+from|'[^']*'|--|;|\b(or|and)\b\s+\d+\s*=\s*\d+)" \
     "id:950001,phase:1,deny,status:403,msg:'SQL INJECTION ATTACK DETECTED!!!',log,t:urlDecode,t:sqlHexDecode,t:lowercase"
 
+# sql injection parte 2
+SecRule REQUEST_URI|ARGS "['\"](?:\s+or\s+\d+\s*=\s*\d+\s*--|\s+or\s+'.+?'\s*=\s*'.+?'\s*--|.*?--)" \
+    "id:950002,phase:1,deny,status:403,msg:'SQL INJECTION ATTACK DETECTED!1!',log,t:urlDecode,t:lowercase,t:compressWhitespace"
+
 # xss / html injection
 SecRule REQUEST_URI|ARGS "(<.*>)|(%3C.*%3E)" \
     "id:950003,phase:1,deny,status:403,msg:'XSS/HTML INJECTION DETECTED!!!',log"