modsecurity-crs for Debian
--------------------------

New way
-------

There's a new way to handle which CRS rules are included in the 
ModSecurity configuration.

A new directory /usr/share/modsecurity-crs/activated_rules/ would 
contain symlinks to those rules you want to use. There's a README file
in that dir with all the details. If you'd rather use this way,
your configuration file should include CRS rules as:

<IfModule security2_module>
	Include /usr/share/modsecurity-crs/*.conf
	Include /usr/share/modsecurity-crs/activated_rules/*.conf
</IfModule>

You may, of course, keep doing it the "old way". :-)


Old way
-------

If you want to use modsecurity's CRS rules just include the following
configuration snippet in your modsecurity configuration (usually under
/etc/modsecurity):

<IfModule security2_module>
	Include /usr/share/modsecurity-crs/*.conf
	Include /usr/share/modsecurity-crs/base_rules/*.conf
</IfModule>

Under /usr/share/modsecurity-crs/ you may also find other *_rules/ directories
with more experimental or "violent" rules.

 -- Alberto Gonzalez Iniesta <agi@inittab.org>  Fri, 16 Mar 2012 17:32:01 +0100