Source: modsecurity-crs Version: 3.3.4-1 Severity: wishlist Hi maintainers,
so this package is packing up https://github.com/coreruleset/coreruleset However, to properly run those rules for some website one would also need to run so-called "plugins" of the crs. For example, https://github.com/coreruleset/wordpress-rule-exclusions-plugin/ for wordpress (the one that interests me here for my use case, but there are plenty of others). I wonder what are your thoughts of bundling those up in the package, possibly in separate binary packages, so that they can be installed only on hosts that actually run those CMSs? They don't seem to have actual "releases", so at best they would need to be snapshot of whenever you bundle them, but I think that would already be quite good. If you would be opposed to including these, why? :) -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `-
signature.asc
Description: PGP signature