Marcel, See this blog post - http://blog.spiderlabs.com/2012/09/announcing-the-availability-of-modsecurity-extension-for-nginx.html
At the time, you had to concatenate all ModSecurity config data into the one file specified by the ModSecurityConfig directive. Since then, however, we added Include support. This means that the file you specify should be the recommended base config for ModSecurity (https://github.com/SpiderLabs/ModSecurity/blob/master/modsecurity.conf-recommended) and at the end you add Include directives to the end to add OWASP CRS files. Ryan Barnett Lead Security Researcher, SpiderLabs On Sep 6, 2013, at 5:31 AM, "Marcel Fuhrmann" <fuhrmann.mar...@gmx.de<mailto:fuhrmann.mar...@gmx.de>> wrote: Hi Guys, is there a way to integrate<http://www.dict.cc/englisch-deutsch/integrate.html> the basic core rule set of owasp into nginx with ModSecurity? _______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org<mailto:Owasp-modsecurity-core-rule-set@lists.owasp.org> https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
