[Owasp-modsecurity-core-rule-set] Updating CRS
misc.lists at blueyonder.co.uk
Sat Feb 6 08:03:59 EST 2010
In the latest version of CRS the README file contains the following
"You can optionally automatically download the latest rules by using the
rules-updater.pl script in the /util directory. Refer to the README
file in the /util dir."
The util directory in the tarball however contains neither a
rules-updater script, nor a readme file.
This leads me to a more generic question - How best to maintain one's
I would very much like some sort of automatic (or configurable
semi-automatic) updating process. I am also a little concerned about
local exceptions. A little while ago Ryan was very helpful in getting me
over some FP problems. The solution involved updating
modsecurity_crs_48_local_exceptions.conf. Today I updated to CRS 2.0.5
and, having unpacked the tarball, was merrily copying the files
into /etc/httpd/modsecurity.d/base_rules/ Fortunately my root
environment has overwrite confirmation on, and I realised just in the
nick of time that I was about to overwrite the file with Ryan's rule
Is there no way to engineer a system - possibly a bit like
spamassassin's sa-update which receives rule updates, but where local
modifications are stored in a local.conf file which is untouched by the
Just a thought...
More information about the Owasp-modsecurity-core-rule-set