diff --git a/conf/modsecurity.conf b/conf/modsecurity.conf
index 0a36aaa..44a4911 100644
--- a/conf/modsecurity.conf
+++ b/conf/modsecurity.conf
@@ -12,7 +12,7 @@ SecRule REQUEST_URI|ARGS "['\";]|--" \
     "id:950001,phase:1,deny,status:403,msg:'SQL Injection Attack Detected',log"
 
 # xss / html injection
-SecRule REQUEST_URI ARGS "<.*>" \
+SecRule REQUEST_URI|ARGS "(<.*>)|(%3C.*%3E)" \
     "id:950003,phase:1,deny,status:403,msg:'XSS/HTML Injection Detected',log"
 
 # command injection