| Summary: | www-apache/modsecurity-crs-3.0.0 version bump | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Graham E <gentoo> |
| Component: | Current packages | Assignee: | No maintainer - Look at https://wiki.gentoo.org/wiki/Project:Proxy_Maintainers if you want to take care of it <maintainer-needed> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | Keywords: | EBUILD |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://lists.owasp.org/pipermail/owasp-modsecurity-core-rule-set/2016-November/002265.html | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | 518828 | ||
| Bug Blocks: | |||
| Attachments: |
modsecurity-crs-3.0.0.ebuild
files/modsecurity-crs-3.0.0.conf |
||
|
Description
Graham E
2017-04-16 11:25:44 UTC
Created attachment 470116 [details]
modsecurity-crs-3.0.0.ebuild
Created attachment 470118 [details]
files/modsecurity-crs-3.0.0.conf
I committed this, but I left out the recommended configuration file by default for the same reasons I just mentioned in bug 615294. When users install modsecurity-crs, we want to be sure (as possible) that the default configuration will work. Many of the settings in crs-setup.conf.example are already default, and the CRS works out-of-the-box this way. Some of the nonstandard rules in that example file also have warnings on them that people should have to read before enabling them (by copying them into 80_mod_security-crs.conf). As with mod_security, there's no reason to have the additional /etc/modsecurity/crs-setup.conf file; our Apache configuration is already modular, and any rules can go directly in 80_mod_security-crs.conf which is protected from portage changes. If it turns our that there are configuration options we need to change by default, I can add them to 80_mod_security-crs.conf. |
