Created attachment 218900 [details] Patch file Hi, • Make crs-setup.conf follow upstream changes when pulling • Correct outdated instructions • Improve other parts of the documentation Here is a full log to ease in review: 280_mod_security.conf.sample.in: • Replace confusing instruction 'enable mod_unique_id in httpd.conf' with coherent alternatives • Isolate the comment related to the OWASP Core Rule Set and refine the reference to instructions • Add a commented Include line to ease in configuration README.in: • Replace outdated 'modsecurity_crs_10_setup.conf.example' with 'crs-setup.conf.example' • Use upstream name 'crs-setup.conf' instead of 'crs.conf' to keep track of origin • Replace outdated 'base_rules' with 'rules' • Refine instructions with possible use of %%PREFIX%%/%%APACHEETCDIR%%/modules.d/%%APMOD_FILE%% • Replace etc with %%ETCDIR%% (no functional change, intention is to make %%PREFIX%%/%%APACHEETCDIR%%/modules.d/%%APMOD_FILE%% and %%DOCSDIR%%/README coherent) • Make crs-setup.conf follow upstream changes by linking instead of copying, and update the documentation accordingly (stashing is done manually to cover all cases) pkg-message.in: • Replace %%PREFIX%%/%%APACHEETCDIR%%/modules.d/%%APMOD_FILE%% with %%DOCSDIR%%/README so that the users can read the first paragraph of %%DOCSDIR%%/README before they are invited to use the signatures from the OWASP Core Rule Set (CRS) • Refine the reference to instructions (CRS)