Bug 250470 - www/mod_security: Make crs-setup.conf follow upstream changes when pulling; correct outdated instructions; improve the documentation
Summary: www/mod_security: Make crs-setup.conf follow upstream changes when pulling; c...
Status: Closed Overcome By Events
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: Jochen Neumeister
Depends on:
Reported: 2020-10-19 18:20 UTC by Samy Mahmoudi
Modified: 2022-09-16 08:21 UTC (History)
2 users (show)

See Also:
bugzilla: maintainer-feedback? (joneum)

Patch file (3.78 KB, patch)
2020-10-19 18:20 UTC, Samy Mahmoudi
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Samy Mahmoudi 2020-10-19 18:20:09 UTC
Created attachment 218900 [details]
Patch file


• Make crs-setup.conf follow upstream changes when pulling
• Correct outdated instructions
• Improve other parts of the documentation

Here is a full log to ease in review:

• Replace confusing instruction 'enable mod_unique_id in httpd.conf' with coherent alternatives
• Isolate the comment related to the OWASP Core Rule Set and refine the reference to instructions
• Add a commented Include line to ease in configuration

• Replace outdated 'modsecurity_crs_10_setup.conf.example' with 'crs-setup.conf.example'
• Use upstream name 'crs-setup.conf' instead of 'crs.conf' to keep track of origin
• Replace outdated 'base_rules' with 'rules'
• Refine instructions with possible use of %%PREFIX%%/%%APACHEETCDIR%%/modules.d/%%APMOD_FILE%%
• Replace etc with %%ETCDIR%% (no functional change, intention is to make %%PREFIX%%/%%APACHEETCDIR%%/modules.d/%%APMOD_FILE%% and %%DOCSDIR%%/README coherent)
• Make crs-setup.conf follow upstream changes by linking instead of copying, and update the documentation accordingly (stashing is done manually to cover all cases)

• Replace %%PREFIX%%/%%APACHEETCDIR%%/modules.d/%%APMOD_FILE%% with %%DOCSDIR%%/README so that the users can read the first paragraph of %%DOCSDIR%%/README before they are invited to use the signatures from the OWASP Core Rule Set (CRS)
• Refine the reference to instructions (CRS)
Comment 1 Daniel Engberg freebsd_committer 2022-08-08 23:37:53 UTC

Is this still relevant?

Best regards,