Verified Commit 31e7736a authored by tr's avatar tr
Browse files

Include CoreRuleSet

parent cf006b0b
......@@ -262,3 +262,37 @@ SecUnicodeMapFile unicode.mapping 20127
# Web Server version, APR version, PCRE version, Lua version, Libxml2
# version, Anonymous unique id for host.
SecStatusEngine On
# -- CoreRuleSet Setup -------------------------------------------------------
# https://www.netnea.com/cms/nginx-tutorial-6_embedding-modsecurity/
# https://www.netnea.com/cms/nginx-tutorial-7_including-owasp-modsecurity-core-rule-set/
# The OWASP ModSecurity Core Rule Set (CRS) is a set of generic attack
# detection rules that provide a base level of protection for any web
# application. They are written for the open source, cross-platform
# ModSecurity Web Application Firewall.
#
# See also:
# https://coreruleset.org/
# https://github.com/coreruleset/coreruleset
Include /etc/modsecurity/coreruleset/crs-setup.conf
# -- Service-specific before Core-Rules (ids: 10000-49999) -------------------
Include /etc/modsecurity/rules/*.conf
# -- CoreRuleSet -------------------------------------------------------------
# The OWASP ModSecurity Core Rule Set (CRS) is a set of generic attack
# detection rules that provide a base level of protection for any web
# application. They are written for the open source, cross-platform
# ModSecurity Web Application Firewall.
#
# See also:
# https://coreruleset.org/
# https://github.com/coreruleset/coreruleset
Include /etc/modsecurity/coreruleset/rules/*.conf
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment