Skip to content

Commit 2209084

Browse files
chore(roles/apache_httpd): bump crs to 4.26.0
1 parent 6ab224b commit 2209084

3 files changed

Lines changed: 3 additions & 2 deletions

File tree

CHANGELOG.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
2424

2525
### Changed
2626

27+
* **role:apache_httpd**: bump Core Rule Set to 4.26.0
2728
* **role:apache_httpd**: Update the two reverse-proxy snippets in `EXAMPLES.md` to use `ProxyPass` instead of `RewriteRule ^/(.*) ... [proxy,last]`. The RewriteRule variant `%`-decodes the URI pattern and forwards characters such as `?` unencoded to the backend, which breaks WebDAV apps (file-not-found on rename in Nextcloud). The examples now also carry a comment explaining the choice and link to the corresponding [blog post](https://www.linuxfabrik.ch/blog/nextcloud-rewriterules-vs-proxypass).
2829

2930
### Added

roles/apache_httpd/README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -774,7 +774,7 @@ apache_httpd__mod_log_config_custom_log: 'logs/access.log combined'
774774

775775
* The OWASP ModSecurity Core Rule Set (CRS) version number without "v".
776776
* Type: String.
777-
* Default: `'4.24.1'`
777+
* Default: `'4.26.0'`
778778

779779
`apache_httpd__skip_mod_security_coreruleset`
780780

roles/apache_httpd/defaults/main.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -231,7 +231,7 @@ apache_httpd__mpm_worker_threads_per_child: 25
231231
# get details from https://coreruleset.org/installation/
232232
# origin: https://github.com/coreruleset/coreruleset/releases
233233
apache_httpd__mod_security_coreruleset_url: 'https://github.com/coreruleset/coreruleset/archive'
234-
apache_httpd__mod_security_coreruleset_version: '4.24.1'
234+
apache_httpd__mod_security_coreruleset_version: '4.26.0'
235235

236236
# mod_ssl
237237
apache_httpd__mod_ssl_ssl_use_stapling: 'on'

0 commit comments

Comments
 (0)