From 0e98f24f42a6a26bee2f486364b6a52b20745b2a Mon Sep 17 00:00:00 2001
From: Patrick Marchand
Date: Wed, 7 Nov 2018 17:45:02 +0100
Subject: [PATCH] We misunsderstood how modsecurity used the init rules
They do not modify files and are necessary for the core rules to function.
---
 packweb-apache/files/evolinux-modsec.conf | 13 +++----------
 1 file changed, 3 insertions(+), 10 deletions(-)
diff --git a/packweb-apache/files/evolinux-modsec.conf b/packweb-apache/files/evolinux-modsec.conf
index d78a715d..fcb4ba19 100644
--- a/packweb-apache/files/evolinux-modsec.conf
+++ b/packweb-apache/files/evolinux-modsec.conf
@@ -39,19 +39,12 @@ SecTmpDir /tmp
 # RULES
 #########
-# File name
-SecRule REQUEST_FILENAME "modsecuritytest1" "id:1"
-# Complete URI
-SecRule REQUEST_URI "modsecuritytest2" "id:2"
-SecRule REQUEST_FILENAME "(?:n(?:map|et|c)|w(?:guest|sh)|cmd(?:32)?|telnet|rcmd|ftp)\.exe" "id:3"
-
 Include /usr/share/modsecurity-crs/owasp-crs.load
-# Removed because it does not play well with apache-itk
-SecRuleRemoveById "901000-901999"
-# Removed because IP reputation based blocking is hard to predict
-# and reason about
+# Removed because it does not play well with apache-itk
+# Can be removed when modsecurity 2.9.3 hits debian
+# See https://github.com/SpiderLabs/ModSecurity/issues/712
 SecRuleRemoveById "910000-910999"
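Review bot: The comment now sitting above `SecRuleRemoveById "910000-910999"` gives the apache-itk incompatibility as the reason, but on the removed side that reason belonged to the 901000-901999 range, while 910000-910999 was justified by IP reputation blocking being hard to predict. If the linked issue really concerns the 910xxx rules, the comment should name what is disabled, for example `# Disable CRS rules 910000-910999 (IP reputation): does not play well with apache-itk`; if it does not, the original rationale should be kept so the next maintainer does not re-enable the range on the wrong premise. "Can be removed" would be less ambiguous as `# This SecRuleRemoveById can be dropped when modsecurity 2.9.3 hits debian`. The file continues past this directive outside the hunk, so any later overrides are not visible here.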