Created attachment 218900 [details]
• Make crs-setup.conf follow upstream changes when pulling
• Correct outdated instructions
• Improve other parts of the documentation
Here is a full log to ease in review:
• Replace confusing instruction 'enable mod_unique_id in httpd.conf' with coherent alternatives
• Isolate the comment related to the OWASP Core Rule Set and refine the reference to instructions
• Add a commented Include line to ease in configuration
• Replace outdated 'modsecurity_crs_10_setup.conf.example' with 'crs-setup.conf.example'
• Use upstream name 'crs-setup.conf' instead of 'crs.conf' to keep track of origin
• Replace outdated 'base_rules' with 'rules'
• Refine instructions with possible use of %%PREFIX%%/%%APACHEETCDIR%%/modules.d/%%APMOD_FILE%%
• Replace etc with %%ETCDIR%% (no functional change, intention is to make %%PREFIX%%/%%APACHEETCDIR%%/modules.d/%%APMOD_FILE%% and %%DOCSDIR%%/README coherent)
• Make crs-setup.conf follow upstream changes by linking instead of copying, and update the documentation accordingly (stashing is done manually to cover all cases)
• Replace %%PREFIX%%/%%APACHEETCDIR%%/modules.d/%%APMOD_FILE%% with %%DOCSDIR%%/README so that the users can read the first paragraph of %%DOCSDIR%%/README before they are invited to use the signatures from the OWASP Core Rule Set (CRS)
• Refine the reference to instructions (CRS)