33 lines
1.1 KiB
Plaintext
33 lines
1.1 KiB
Plaintext
Include modsecurity.conf
|
|
|
|
# To enable the OWASP CRS, please perform the following steps:
|
|
#
|
|
# 1. Checkout Core Rule Set from GitHub and create config files as shown below:
|
|
#
|
|
# version='v4.6.0'
|
|
# uri="https://github.com/coreruleset/coreruleset/archive/refs/tags/${version}.tar.gz"
|
|
# dst_dir='/etc/angie/modsecurity/coreruleset'
|
|
# w=$(mktemp -d) ; : "${w:?}"
|
|
# cd "$w/"
|
|
# tarball="coreruleset.tar.gz"
|
|
# curl -Lo "${tarball}" "${uri}"
|
|
# mkdir coreruleset
|
|
# tar -C ./coreruleset --strip-components=1 -xf "${tarball}"
|
|
# rm -f "${tarball}" ; unset tarball
|
|
# for p in \
|
|
# crs-setup.conf \
|
|
# rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf \
|
|
# rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf \
|
|
# ; do
|
|
# src="coreruleset/$p.example"
|
|
# dst="${dst_dir}/$p"
|
|
# [ -f "${src}" ] || continue
|
|
# [ -d "${dst%/*}" ] || mkdir -p "${dst%/*}"
|
|
# cp -nv "${src}" "${dst}"
|
|
# done
|
|
# rm -rf "${w:?}/" ; unset w
|
|
#
|
|
# 2. Uncomment both 'Include' directives below
|
|
|
|
#Include coreruleset/crs-setup.conf
|
|
#Include coreruleset/rules/*.conf |