1
0
angie-conv-image/angie/modsecurity.dist/rules.conf

33 lines
1.1 KiB
Plaintext

Include modsecurity.conf
# To enable the OWASP CRS, please perform the following steps:
#
# 1. Checkout Core Rule Set from GitHub and create config files as shown below:
#
# version='v4.5.0'
# uri="https://github.com/coreruleset/coreruleset/archive/refs/tags/${version}.tar.gz"
# dst_dir='/etc/angie/modsecurity/coreruleset'
# w=$(mktemp -d) ; : "${w:?}"
# cd "$w/"
# tarball="coreruleset.tar.gz"
# /usr/lib/apt/apt-helper download-file "${uri}" "${tarball}"
# mkdir coreruleset
# tar -C ./coreruleset --strip-components=1 -xf "${tarball}"
# rm -f "${tarball}" ; unset tarball
# for p in \
# crs-setup.conf \
# rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf \
# rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf \
# ; do
# src="coreruleset/$p.example"
# dst="${dst_dir}/$p"
# [ -f "${src}" ] || continue
# [ -d "${dst%/*}" ] || mkdir -p "${dst%/*}"
# cp -nv "${src}" "${dst}"
# done
# rm -rf "${w:?}/" ; unset w
#
# 2. Uncomment both 'Include' directives below
#Include coreruleset/crs-setup.conf
#Include coreruleset/rules/*.conf