- use modsecurity.conf-minimal by default with the rest of base rules, auto/th/apache-mod_security-2_5_12-3
authorTomasz Pala <gotar@pld-linux.org>
Thu, 15 Apr 2010 18:47:04 +0000 (18:47 +0000)
committercvs2git <feedback@pld-linux.org>
Sun, 24 Jun 2012 12:13:13 +0000 (12:13 +0000)
- set SecDataDir to /var/run/httpd, package *.data files,
- S: apache-mod_headers for crs_49_header_tagging, rel. 3

Changed files:
    apache-mod_security.conf -> 1.5
    apache-mod_security.spec -> 1.32

apache-mod_security.conf
apache-mod_security.spec

index a958747..84332fa 100644 (file)
@@ -8,6 +8,7 @@ LoadModule security2_module modules/mod_security2.so
        # This is the ModSecurity Core Rules Set.
 
        # Basic configuration goes in here
+       Include conf.d/modsecurity.d/modsecurity.conf-minimal
        Include conf.d/modsecurity.d/modsecurity_crs_10_config.conf
 
        # Protocol violation and anomalies.
@@ -31,7 +32,32 @@ LoadModule security2_module modules/mod_security2.so
 
        # Include modsecurity.d/modsecurity_crs_55_marketing.conf
 
+       Include conf.d/modsecurity.d/modsecurity_crs_23_request_limits.conf
+       Include conf.d/modsecurity.d/modsecurity_crs_41_phpids_converter.conf
+       Include conf.d/modsecurity.d/modsecurity_crs_41_phpids_filters.conf
+       Include conf.d/modsecurity.d/modsecurity_crs_41_sql_injection_attacks.conf
+       Include conf.d/modsecurity.d/modsecurity_crs_41_xss_attacks.conf
+       Include conf.d/modsecurity.d/modsecurity_crs_42_tight_security.conf
+       Include conf.d/modsecurity.d/modsecurity_crs_47_common_exceptions.conf
+       Include conf.d/modsecurity.d/modsecurity_crs_48_local_exceptions.conf
+       Include conf.d/modsecurity.d/modsecurity_crs_49_enforcement.conf
+       Include conf.d/modsecurity.d/modsecurity_crs_49_inbound_blocking.conf
+
+       # Optional rules
+
+       # Include conf.d/modsecurity.d/modsecurity_crs_40_experimental.conf
+       # Include conf.d/modsecurity.d/modsecurity_crs_42_comment_spam.conf
+       # Include conf.d/modsecurity.d/modsecurity_crs_46_et_sql_injection.conf
+       # Include conf.d/modsecurity.d/modsecurity_crs_46_et_web_rules.conf
+       # <IfModule mod_headers.c>
+       #       Include conf.d/modsecurity.d/modsecurity_crs_49_header_tagging.conf
+       # </IfModule>
+       # Include conf.d/modsecurity.d/modsecurity_crs_59_outbound_blocking.conf
+       # Include conf.d/modsecurity.d/modsecurity_crs_60_correlation.conf
+
        # Put your local rules in here.
 
        Include conf.d/modsecurity.d/modsecurity_localrules.conf
+
+       SecDataDir      /var/run/httpd
 </IfModule>
index 5fe8ac1..b625440 100644 (file)
@@ -4,7 +4,7 @@ Summary:        Apache module: securing web applications
 Summary(pl.UTF-8):     ModuĊ‚ do apache: ochrona aplikacji WWW
 Name:          apache-mod_%{mod_name}
 Version:       2.5.12
-Release:       2
+Release:       3
 License:       GPL v2
 Group:         Networking/Daemons/HTTP
 Source0:       http://www.modsecurity.org/download/modsecurity-apache_%{version}.tar.gz
@@ -15,6 +15,7 @@ BuildRequires:        apache-devel
 BuildRequires: rpmbuild(macros) >= 1.268
 Requires:      apache(modules-api) = %apache_modules_api
 Requires:      apache-mod_unique_id
+Suggests:      apache-mod_headers
 BuildRoot:     %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
 
 %define                apacheconfdir   %(%{apxs} -q SYSCONFDIR 2>/dev/null)/conf.d
@@ -56,7 +57,7 @@ install apache2/.libs/mod_%{mod_name}2.so $RPM_BUILD_ROOT%{apachelibdir}
 cp -a %{SOURCE1} $RPM_BUILD_ROOT%{apacheconfdir}/90_mod_%{mod_name}.conf
 
 install -d $RPM_BUILD_ROOT%{apacheconfdir}/modsecurity.d/blocking
-cp -a rules/*.conf rules/base_rules/* $RPM_BUILD_ROOT%{apacheconfdir}/modsecurity.d
+cp -a modsecurity.conf-minimal rules/*.conf rules/base_rules/* $RPM_BUILD_ROOT%{apacheconfdir}/modsecurity.d
 #cp -a rules/blocking/*.conf $RPM_BUILD_ROOT%{apacheconfdir}/modsecurity.d/blocking
 echo '# Drop your local rules in here.' > $RPM_BUILD_ROOT%{apacheconfdir}/modsecurity.d/modsecurity_localrules.conf
 
@@ -73,10 +74,10 @@ fi
 
 %files
 %defattr(644,root,root,755)
-%doc CHANGES MODSECURITY_LICENSING_EXCEPTION README.* modsecurity* doc/* rules/optional_rules rules/README.rules rules/CHANGELOG.rules
+%doc CHANGES MODSECURITY_LICENSING_EXCEPTION README.* modsecurity* doc/* rules/optional_rules rules/README.rules rules/CHANGELOG.rules tools
 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{apacheconfdir}/*_mod_%{mod_name}.conf
 %dir %{apacheconfdir}/modsecurity.d
 %dir %{apacheconfdir}/modsecurity.d/blocking
-%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{apacheconfdir}/modsecurity.d/*.conf
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{apacheconfdir}/modsecurity.d/*.*
 #%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{apacheconfdir}/modsecurity.d/blocking/*.conf
 %attr(755,root,root) %{apachelibdir}/*.so
This page took 0.182103 seconds and 4 git commands to generate.