File: README.Debian

package info (click to toggle)
modsecurity-crs 2.2.9-1+deb8u1
  • links: PTS
  • area: main
  • in suites: jessie
  • size: 3,064 kB
  • ctags: 219
  • sloc: perl: 1,002; ansic: 727; ruby: 69; makefile: 18
file content (38 lines) | stat: -rw-r--r-- 1,138 bytes parent folder | download | duplicates (3)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
modsecurity-crs for Debian
--------------------------

New way
-------

There's a new way to handle which CRS rules are included in the 
ModSecurity configuration.

A new directory /usr/share/modsecurity-crs/activated_rules/ would 
contain symlinks to those rules you want to use. There's a README file
in that dir with all the details. If you'd rather use this way,
your configuration file should include CRS rules as:

<IfModule security2_module>
	Include /usr/share/modsecurity-crs/*.conf
	Include /usr/share/modsecurity-crs/activated_rules/*.conf
</IfModule>

You may, of course, keep doing it the "old way". :-)


Old way
-------

If you want to use modsecurity's CRS rules just include the following
configuration snippet in your modsecurity configuration (usually under
/etc/modsecurity):

<IfModule security2_module>
	Include /usr/share/modsecurity-crs/*.conf
	Include /usr/share/modsecurity-crs/base_rules/*.conf
</IfModule>

Under /usr/share/modsecurity-crs/ you may also find other *_rules/ directories
with more experimental or "violent" rules.

 -- Alberto Gonzalez Iniesta <agi@inittab.org>  Fri, 16 Mar 2012 17:32:01 +0100