easily update modsec.conf rulesets

Lyttek

Well-Known Member
Jan 2, 2004
772
4
168
Greetings!

After browsing through umpteen posts and threads, I've not come to a solution that works yet on the following:

www.gotroot.com has rulesets for mod_security that can be (at time, though not at the moment) obtained via wget. So, I'm trying to setup mod_security to use all conf files in a certain directory.

/usr/local/apache/conf/modsec.conf contains a line:

Code:
Include "/usr/local/apache/conf/modsec.user.conf"
I'd like it to do something similar:

Code:
Include "/usr/local/apache/conf/modsec.rules/*.conf"
And that directory would contain rulesets such as rules.conf, exclude.conf, etc.

Everything I've tried so far makes apache fail on restart. So, am I doing something completely wrong? Is this possible?