Hello! In theory, the rules for the modsec module are the same and can be interchanged for all solutions. In the modsecurity-crs package, the rules are installed in /etc/http. This one is not used by either nginx or angie and is specific to apache. If you look at my PKGBUILD, the rules are installed with read-only permissions and to the directory for angie/nginx. In theory, we can together make a dynamic PKGBUILD, which will install rules in the directory, depending on the installed reverse-proxy. You can combine the packages (I'm ready to be a co-maintainer) or leave them as they are, it's up to you to decide.
-----Original Message----- From: Muflone <mufl...@archlinux.org> Sent: Wednesday, May 1, 2024 10:18 PM To: aur-requests@lists.archlinux.org Cc: v...@minakov.pro; marcell.mesza...@runbox.eu Subject: Re: [PRQ#59768] Deletion Request for angie-owasp-crs Hi > MarsSeed [1] filed a deletion request for angie-owasp-crs [2]: > > Badly packaged duplicate of AUR/modsecurity-crs. [a] > > Angie is a drop-in fork of nginx. The latter package depends on nginx, > but 'angie' can be installed instead of that, as the latter provides > the former. > > Also the modsecurity is necessary for this to work, which the latter > correctly depends on, while the current package lacks any depends. This is not clear to me. If angie provides nginx, would modsecurity-crs will be compatible with angie? @VVL could you please confirm modsecurity-crs can replace angie-owasp-crs? Thank you -- Fabio Castelli aka Muflone
