I'm using right now that

             Include conf/modsecurity_crs/*.conf
             Include conf/modsecurity_crs/base_rules/*.conf
             Include conf/modsecurity_crs/optional_rules/*.conf


approach, wasn't aware of that problem (fairly new to ModSecurity and OWASP) ... thanks for pointing it out.

However, I wouldn't copy but rather symlink them; this way it's still possible to have it auto-updated.

cheers
Andreas

Yes, I think this would be helpful.  It might be worth explaining in
the comments why the "proper order" is important, and thus where to
put custom configuration settings and rules for each vhost/server.

Colin

On 14 April 2011 14:00, Ryan Barnett <[email protected]> wrote:
Any comments on this approach?  Good idea?

-Ryan


From: Ryan Barnett <[email protected]<mailto:[email protected]>>
Date: Tue, 12 Apr 2011 09:57:24 -0500
To: "[email protected]<mailto:[email protected]>" <[email protected]<mailto:[email protected]>>
Subject: CRS Directory Format Question

The current OWASP CRS archive has a number of directories that hold different 
rules -

 *   base_rules
 *   optional_rules
 *   slr_rules
 *   experimental_rules

I am thinking that most ModSecurity users want to use Apache Include 
wild-carding when activating rulesets -

<IfModule security2_module>
              Include conf/modsecurity_crs/*.conf
              Include conf/modsecurity_crs/base_rules/*.conf
</IfModule>

While this is certainly convenient, this does cause a problem.  The various 
rules files have a numbering scheme whose purpose is to help ensure that the 
rules files are executed in the proper order when wild-carding with includes.  
Activating these rules is challenging when separated into the different 
directories.

<IfModule security2_module>
              Include conf/modsecurity_crs/*.conf
              Include conf/modsecurity_crs/base_rules/*.conf
              Include conf/modsecurity_crs/optional_rules/*.conf

</IfModule>

So, what I am thinking is that we should add an empty directory called -

 *   activated_rules

The sole purpose of this directory would be for the local Admin to copy all 
files that they want to run into that one directory.  When they do this, then 
the file name numbering scheme will work and it will allow for easier Include 
wild-carding -

<IfModule security2_module>
              Include conf/modsecurity_crs/*.conf
              Include conf/modsecurity_crs/activated_rules/*.conf
</IfModule>

How does this approach sound to everyone?

-Ryan
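
Added example (not part of the original thread or of the CRS project): a shell sketch of the ordering problem described above and of the activated_rules layout, using symlinks as suggested in the reply. The `sample_crs_NN_*.conf` file names are constructed placeholders that follow the numbered naming scheme, and shell globbing stands in for Apache's alphabetical wildcard expansion.

```shell
#!/bin/sh
# Added example: constructed file names, temporary directory, no Apache needed.
LC_ALL=C; export LC_ALL   # make glob expansion order deterministic

# Build a constructed CRS-like tree under $1 (empty placeholder rule files).
make_sample_tree() {
    mkdir -p "$1/base_rules" "$1/optional_rules" "$1/activated_rules"
    for n in 20 41 60; do : > "$1/base_rules/sample_crs_${n}_base.conf"; done
    for n in 10 42; do : > "$1/optional_rules/sample_crs_${n}_optional.conf"; done
}

# Print the numeric prefixes in the order the files would load when each
# directory argument is pulled in by its own "Include <dir>/*.conf" line.
load_order() {
    out=""
    for d in "$@"; do
        for f in "$d"/*.conf; do
            [ -e "$f" ] || continue          # skip unmatched glob / dangling link
            n=${f##*/sample_crs_}; n=${n%%_*}
            out="$out${out:+ }$n"
        done
    done
    printf '%s\n' "$out"
}

# Symlink every rule file of the named directories into activated_rules.
# Relative links keep working if the whole tree is moved or updated in place.
activate_all() {
    root=$1; shift
    for d in "$@"; do
        for f in "$root/$d"/*.conf; do
            ln -sf "../$d/${f##*/}" "$root/activated_rules/${f##*/}"
        done
    done
}

demo() {
    root=$(mktemp -d) || return 1
    make_sample_tree "$root"
    echo "per-directory includes: $(load_order "$root/base_rules" "$root/optional_rules")"
    activate_all "$root" base_rules optional_rules
    echo "activated_rules only:   $(load_order "$root/activated_rules")"
    rm -rf "$root"
}
demo
```

With separate includes the optional files numbered 10 and 42 load only after every base file; with a single activated_rules directory the numbering decides the order across both sets.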


_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
[email protected]
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
