Hi Mike,
On Sun, Dec 19, 2021 at 07:52:48AM -0800, 'Max Mustermann' via ModSecurity Core Rule Set project wrote:
> Where to check if a new version is available *OR* download automated via
> cron periodically updates?
>
> I saw the possiblility to update ("sudo python
> /etc/apache2/owasp-modsecurity-crs/util/upgrade.py --crs") but seems not to
> work: sudo /usr/share/modsecurity-crs/util/upgrade.py --crs => *crs: Not a
> git repository: /usr/share/modsecurity-crs*. I do have
> /etc/apache2/modsecurity-crs/coreruleset-3.3.0 installed ....?
> Thanks in advance.
I assume you opened a GH issue here:
https://github.com/SpiderLabs/ModSecurity/issues/2655
Well, this is the better platform for this question, I think you
should close that issue.
Do you know the `update.py` where comes from? Coreruleset tar.gz
does not contain it. Perhaps you have some really old copy of the
CRS in that directory.
Based on the message: "Not a git repository" I assume this is a
git wrapper, which is looking for a local git repository. But if
you downloaded the source tree as tar.gz, then that's not a git
repository.
You should try the upgrade via git:
sudo mkdir /usr/share/coreruleset
cd /usr/share/coreruleset
sudo git clone
https://github.com/coreruleset/coreruleset.git --branch v3.3/master --single-branch
Then you *MUST* reconfigure the Apache configuration file that
the engine use this new path isntead of the existing one. (Please
note, that the project has a new name: "Coreruleset"). Don't
forget to set the existing settings, eg. PL, exlusions...
Then you will get the updates if you run the command
sudo git pull origin
in that directory.
I think this is the best way what you can do now.
Regards,
a.