initial commit

angie/modsecurity/rules.conf

@@ -0,0 +1,33 @@
+Include modsecurity.conf
+
+# To enable the OWASP CRS, please perform the following steps:
+#
+# 1. Checkout Core Rule Set from GitHub and create config files as shown below:
+#
+#      version='v4.14.0'
+#      uri="https://github.com/coreruleset/coreruleset/archive/refs/tags/${version}.tar.gz"
+#      dst_dir='/etc/angie/modsecurity/coreruleset'
+#      w=$(mktemp -d) ; : "${w:?}"
+#      cd "$w/"
+#      tarball="coreruleset.tar.gz"
+#      curl -Lo "${tarball}" "${uri}"
+#      mkdir coreruleset
+#      tar -C ./coreruleset --strip-components=1 -xf "${tarball}"
+#      rm -f "${tarball}" ; unset tarball
+#      for p in \
+#        crs-setup.conf \
+#        rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf \
+#        rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf \
+#      ; do
+#          src="coreruleset/$p.example"
+#          dst="${dst_dir}/$p"
+#          [ -f "${src}" ] || continue
+#          [ -d "${dst%/*}" ] || mkdir -p "${dst%/*}"
+#          cp -nv "${src}" "${dst}"
+#      done
+#      rm -rf "${w:?}/" ; unset w
+#
+# 2. Uncomment both 'Include' directives below
+
+#Include coreruleset/crs-setup.conf
+#Include coreruleset/rules/*.conf