Package: modsecurity-crs Version: 2.2.9-1 Severity: normal Dear Maintainer,
Although Debian's nginx packages do not support ModSecurity, it would be helpful to users who have built their own (which is not uncommon for nginx) if this rule set package could be installed without unnecessarily dragging in Apache. What few references to Apache there are point to /usr/local/apache so they are invalid anyway. You may have read that a ModSecurity configuration for nginx needs to be concatenated into a single file but this is no longer the case. It now supports an Include directive. Regards, James Le Cuirot -- System Information: Debian Release: 8.1 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_GB.UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)