Bug 250470
| Summary: | www/mod_security: Make crs-setup.conf follow upstream changes when pulling; correct outdated instructions; improve the documentation | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Samy Mahmoudi <samy.mahmoudi> | ||||
| Component: | Individual Port(s) | Assignee: | Jochen Neumeister <joneum> | ||||
| Status: | Closed Overcome By Events | ||||||
| Severity: | Affects Some People | CC: | diizzy, joneum | ||||
| Priority: | --- | Flags: | bugzilla:
maintainer-feedback?
(joneum) |
||||
| Version: | Latest | ||||||
| Hardware: | Any | ||||||
| OS: | Any | ||||||
| Attachments: |
|
||||||
Hi, Is this still relevant? Best regards, Daniel |
Created attachment 218900 [details] Patch file Hi, • Make crs-setup.conf follow upstream changes when pulling • Correct outdated instructions • Improve other parts of the documentation Here is a full log to ease in review: 280_mod_security.conf.sample.in: • Replace confusing instruction 'enable mod_unique_id in httpd.conf' with coherent alternatives • Isolate the comment related to the OWASP Core Rule Set and refine the reference to instructions • Add a commented Include line to ease in configuration README.in: • Replace outdated 'modsecurity_crs_10_setup.conf.example' with 'crs-setup.conf.example' • Use upstream name 'crs-setup.conf' instead of 'crs.conf' to keep track of origin • Replace outdated 'base_rules' with 'rules' • Refine instructions with possible use of %%PREFIX%%/%%APACHEETCDIR%%/modules.d/%%APMOD_FILE%% • Replace etc with %%ETCDIR%% (no functional change, intention is to make %%PREFIX%%/%%APACHEETCDIR%%/modules.d/%%APMOD_FILE%% and %%DOCSDIR%%/README coherent) • Make crs-setup.conf follow upstream changes by linking instead of copying, and update the documentation accordingly (stashing is done manually to cover all cases) pkg-message.in: • Replace %%PREFIX%%/%%APACHEETCDIR%%/modules.d/%%APMOD_FILE%% with %%DOCSDIR%%/README so that the users can read the first paragraph of %%DOCSDIR%%/README before they are invited to use the signatures from the OWASP Core Rule Set (CRS) • Refine the reference to instructions (CRS)