Lines 3-14
|
3 |
|
3 |
|
4 |
To enable ModSecurity in Apache, follow the instructions in |
4 |
To enable ModSecurity in Apache, follow the instructions in |
5 |
|
5 |
|
6 |
%%PREFIX%%/%%APACHEETCDIR%%/modules.d/%%APMOD_FILE%% |
6 |
%%PREFIX%%/%%APACHEETCDIR%%/modules.d/%%APMOD_FILE%% |
7 |
|
7 |
|
8 |
ModSecurity has various configuration options. |
8 |
ModSecurity has various configuration options. |
9 |
To change them, edit the following file: |
9 |
To change them, edit the following file: |
10 |
|
10 |
|
11 |
%%ETCDIR%%/modsecurity.conf |
11 |
%%ETCDIR%%/modsecurity.conf |
12 |
|
12 |
|
13 |
Getting the Core Rule Set |
13 |
Getting the Core Rule Set |
14 |
------------------------- |
14 |
------------------------- |
Lines 22-36
|
22 |
pkg install git |
22 |
pkg install git |
23 |
cd %%ETCDIR%% |
23 |
cd %%ETCDIR%% |
24 |
git clone https://github.com/SpiderLabs/owasp-modsecurity-crs |
24 |
git clone https://github.com/SpiderLabs/owasp-modsecurity-crs |
25 |
cp owasp-modsecurity-crs/modsecurity_crs_10_setup.conf.example \ |
25 |
ln -s owasp-modsecurity-crs/crs-setup.conf.example crs-setup.conf |
26 |
crs.conf |
|
|
27 |
|
26 |
|
28 |
The CRS has various config options. To change them, edit crs.conf. |
27 |
The CRS has various config options. To change them, edit crs-setup.conf. |
29 |
|
28 |
|
30 |
To activate the CRS base rules, add the following to your httpd.conf: |
29 |
To activate the CRS base rules, either add the following line to your httpd.conf |
31 |
|
30 |
|
32 |
Include etc/modsecurity/owasp-modsecurity-crs/base_rules/*.conf |
31 |
Include %%ETCDIR%%/owasp-modsecurity-crs/rules/*.conf |
33 |
|
32 |
|
|
|
33 |
or uncomment the same line in: |
34 |
|
35 |
%%PREFIX%%/%%APACHEETCDIR%%/modules.d/%%APMOD_FILE%% |
36 |
|
34 |
You can also add custom configuration and CRS exceptions here. |
37 |
You can also add custom configuration and CRS exceptions here. |
35 |
For instance, you might want to disable rules that generate false |
38 |
For instance, you might want to disable rules that generate false |
36 |
positives. Example: |
39 |
positives. Example: |
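Review bot: The new "ln -s owasp-modsecurity-crs/crs-setup.conf.example crs-setup.conf" step makes the file users are told to edit a tracked file inside the Git checkout, so every local tuning change dirties the working tree and has to be carried through each update. The previous cp kept local settings outside the repository; consider "cp owasp-modsecurity-crs/crs-setup.conf.example crs-setup.conf" and tell users to compare their copy against the new example after an update. Separately, after the added "or uncomment the same line in:" paragraph, the word "here" in "You can also add custom configuration and CRS exceptions here." no longer has a clear referent (httpd.conf or the modules.d file); name the file.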
Lines 85-89
|
85 |
do this with Git: |
88 |
do this with Git: |
86 |
|
89 |
|
87 |
cd %%ETCDIR%%/owasp-modsecurity-crs |
90 |
cd %%ETCDIR%%/owasp-modsecurity-crs |
88 |
git pull |
91 |
git stash push && git pull && git stash pop |
|
|
92 |
|
93 |
Resolve conflicts in crs-setup.conf.example, if any. Then execute: |
94 |
|
95 |
git reset && git stash drop |
89 |
apachectl restart |
96 |
apachectl restart |
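Review bot: "git stash push && git pull && git stash pop" followed by "Then execute: git reset && git stash drop" only works in the conflict case, and the text does not say so. When the pop applies cleanly Git already removes the stash entry, so the later "git stash drop" either fails or discards an older, unrelated entry; when there are no local changes nothing is stashed, so "git stash pop" fails or pops an older entry. State explicitly that "git reset && git stash drop" is to be run only if the pop reported conflicts, and consider adding "apachectl configtest" before "apachectl restart" so that leftover conflict markers in crs-setup.conf.example are caught before the restart.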