Skip to content

Commit 7a8c78f

Browse files
victorhoravictorhora
authored
Add basic usage docs
Thanks to @porjo for reminding us to do that :)
1 parent 83c31de commit 7a8c78f

File tree

1 file changed

+83
-0
lines changed

1 file changed

+83
-0
lines changed

README.md

+83
Original file line numberDiff line numberDiff line change
@@ -31,6 +31,89 @@ $ make
3131
$ sudo make install
3232
```
3333

34+
# Usage
35+
36+
libModSecurity for Apache extends your configuration directives. In order to load the module into Apache add the following directive to your Apache configuration:
37+
38+
```
39+
LoadModule security3_module modules/mod_security3.so
40+
```
41+
42+
The module adds new directives to Apache and some them are documented below:
43+
44+
modsecurity
45+
-----------
46+
**syntax:** *modsecurity on | off*
47+
48+
**context:** *http, server, location*
49+
50+
**default:** *off*
51+
52+
Turns on or off ModSecurity functionality.
53+
Note that this configuration directive is no longer related to the SecRule state.
54+
Instead, it now serves solely as an Apache flag to enable or disable the module.
55+
56+
modsecurity_rules_file
57+
----------------------
58+
**syntax:** *modsecurity_rules_file <path to rules file>*
59+
60+
**context:** *http, server, location*
61+
62+
**default:** *no*
63+
64+
Specifies the location of the ModSecurity configuration file, e.g.:
65+
66+
```
67+
modsecurity on
68+
modsecurity_rules_file /etc/my_modsecurity_rules.conf;
69+
```
70+
71+
modsecurity_rules_remote
72+
------------------------
73+
**syntax:** *modsecurity_rules_remote <key> <URL to rules>*
74+
75+
**context:** *http, server, location*
76+
77+
**default:** *no*
78+
79+
Specifies from where (on the internet) a modsecurity configuration file will be downloaded.
80+
It also specifies the key that will be used to authenticate to that server:
81+
82+
```
83+
modsecurity on
84+
modsecurity_rules_remote my-server-key https://my-own-server/rules/download;
85+
```
86+
87+
modsecurity_rules
88+
-----------------
89+
**syntax:** *modsecurity_rules <modsecurity rule>*
90+
91+
**context:** *http, server, location*
92+
93+
**default:** *no*
94+
95+
Allows for the direct inclusion of a ModSecurity rule into the Apache configuration.
96+
The following example is loading rules from a file and injecting specific configurations per directory/alias:
97+
98+
```
99+
TODO
100+
```
101+
102+
modsecurity_transaction_id
103+
--------------------------
104+
**syntax:** *modsecurity_transaction_id string*
105+
106+
**context:** *http, server, location*
107+
108+
**default:** *no*
109+
110+
Allows to pass transaction ID from Apache instead of generating it in the library.
111+
This can be useful for tracing purposes, e.g. consider this configuration:
112+
113+
```
114+
TODO
115+
```
116+
34117
# Contributing
35118

36119
As an open source project we invite (and encourage) anyone from the community to contribute to our project. This may take the form of: new

0 commit comments

Comments
 (0)