First question to kick-off the discussion is this - Do you like/dislike the concept of having a central config file – modsecurity_crs_10_config.conf?
The idea with this file is to try and consolidate a number of local settings within one file rather than having to edit the settings within a number of other individual files. Once these settings are made, the information is them propagated to the various rules by use of macro expansions. Do you like or dislike this concept? If you don't like it, why now? How can this file be made better? -- Ryan Barnett Trustwave SpiderLabs ModSecurity Project Leader OWASP ModSecurity CRS Project Leader ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. _______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
