Felipe Zipitría
Felipe Zipitría
``` ❯ docker images --digests | rg 9c20dd4756378de04c3587911efdf37c15614403c0540e008f16ca1cdbc63cba owasp/modsecurity-crs 4-apache-202404131004 sha256:9c20dd4756378de04c3587911efdf37c15614403c0540e008f16ca1cdbc63cba 15d39956c2b9 2 months ago 259MB ```
OH, you are saying that, in the future, when we update containers in the pipeline, this might break?
This looks like easy to fix. Now log files are inside the server directory. E.g. `/var/log/apache2` for apache, and `/var/log/nginx` for nginx. So adding: ``` ERRORLOG: "/var/log/apache2/error.log" ACCESSLOG: "/var/log/apache2/access.log" MODSEC_AUDIT_LOG:...
``` $ pwd /var/log/apache2 $ ls -l total 20 -rw-r--r-- 1 httpd httpd 286 Jun 19 14:33 access.log -rw-r--r-- 1 httpd httpd 5385 Jun 19 14:33 error.log -rw-r----- 1 httpd...
> Do we want to keep the names? Eg. is the `crs-rules-check` is a good name or do we want to continue with `rules-check`? Or may be `coreruleset-check` (just a...
> Question 1: How many of the utilities in /util are no longer useful and can simply be sunset at this time? (I couldn't see all of them listed, hence...
I'll add this to the above decision then.
About the `rule_ctl`: all tools are strongly tied to our rules. `go-ftw`, `crs-toolchain`, etc. This is one similar tool, that adds linting to the rules, with our specific requirements. So...
Makes sense. Also, the script might not need to know which tags are approved.
ping @jcchavezs @M4tteoP