diff --git a/README.md b/README.md
index 79787d7..41ab988 100644
--- a/README.md
+++ b/README.md
@@ -1014,8 +1014,11 @@ Wanna fingerprint WAFs? Lets see how.
                             <li><code>This error was generated by Mod_Security</code> text snippet.</li>
                             <li><code>One or more things in your request were suspicious</code> text snippet.</li>
                             <li><code>rules of the mod_security module</code> text snippet.</li>
+                            <li><code>mod_security rules triggered</code> text snippet.</li>
+                            <li>Reference to <code>/modsecurity-errorpage/</code> directory.</li>
                         </ul>
                     <li><code>Server</code> header may contain <code>Mod_Security</code> or <code>NYOB</code> keywords.</li>
+                    <li>Sometimes, the response code to an attack is <code>403</code> while the response phrase is <code>ModSecurity Action</code>.
                 </ul>
             </ul>
         </td>