Commit

fix: update prefix directory
Signed-off-by: Felipe Zipitria <[email protected]>
fzipi committed Feb 14, 2024
1 parent 6c20e04 commit 457ac50
Showing 4 changed files with 27 additions and 16 deletions.
1 change: 1 addition & 0 deletions config/_default/config.toml
Expand Up @@ -43,6 +43,7 @@ home = [ "HTML", "RSS", "JSON"]
# CRS related parameters
crs_latest_release = "3.3.4"
crs_dev_branch = "v4.0/dev"
crs_install_dir = "/etc/crs4"

[[menu.shortcuts]]
name = "<i class='fas fa-bookmark'></i> Core Rule Set Home"
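Review bot: `crs_install_dir = "/etc/crs4"` sits directly under `crs_latest_release = "3.3.4"`, so the rendered docs will tell readers to unpack a 3.3.4 release into a directory named for version 4. Either choose a version-neutral directory name or add a comment above the new parameter stating that the name is intentional. A one-line comment saying the value is used by both the content pages and the `crsfiles` shortcode would also help whoever changes it next.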
18 changes: 11 additions & 7 deletions content/deployment/install.md
Expand Up @@ -211,11 +211,11 @@ It is recommended to create a folder specifically to contain the CRS rules. In t
```apache
<IfModule security2_module>
Include modsecurity.d/modsecurity.conf
Include modsecurity.d/crs/crs-setup.conf
Include modsecurity.d/crs/plugins/*-config.conf
Include modsecurity.d/crs/plugins/*-before.conf
Include modsecurity.d/crs/rules/*.conf
Include modsecurity.d/crs/plugins/*-after.conf
Include {{< param crs_install_dir >}}/crs-setup.conf
Include {{< param crs_install_dir >}}/plugins/*-config.conf
Include {{< param crs_install_dir >}}/plugins/*-before.conf
Include {{< param crs_install_dir >}}/rules/*.conf
Include {{< param crs_install_dir >}}/plugins/*-after.conf
</IfModule>
```
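Review bot: the three plugin globs in this block use `Include`, which makes Apache fail at startup when a wildcard matches no file, while the quick start page changed in this same commit uses `IncludeOptional` for the identical `plugins/*-config.conf`, `plugins/*-before.conf` and `plugins/*-after.conf` lines. Pick one convention for both pages; `IncludeOptional` for the plugin globs and plain `Include` for `crs-setup.conf` and `rules/*.conf` would keep an empty plugins directory harmless while still making a missing rule set a hard error. Note also that `Include modsecurity.d/modsecurity.conf` stays relative while the CRS lines become absolute, which deserves a sentence in the surrounding text.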

Expand All @@ -225,5 +225,9 @@ Nginx will include files from the Nginx configuration directory (`/etc/nginx` or

```nginx
include modsecurity.conf
{{% crsfiles prefix="include coreruleset-" %}}
```
{{% crsfiles prepend="include " %}}
```

{{% notice note %}}
You will also need to include the plugins you want along with your CRS installation.
{{% /notice %}}
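Review bot: the added notice says plugins must be included but shows neither the lines nor where they go relative to the generated rule includes, whereas the Apache block on this page spells out the order (`*-config.conf`, `*-before.conf`, rules, `*-after.conf`). Show the equivalent lines for Nginx here so the ordering is not left to guesswork. The context sentence in the hunk header still says Nginx includes files from the Nginx configuration directory, yet the shortcode call drops `prefix="include coreruleset-"` in favour of paths built from `crs_install_dir`, so that paragraph should be checked against the new output.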
17 changes: 11 additions & 6 deletions content/deployment/quick_start.md
Expand Up @@ -78,10 +78,12 @@ The examples presented below demonstrate using Apache. For information on config
Note that while it's common practice to make a new `modsecurity.d` folder, as outlined below, this isn't strictly necessary. The path scheme outlined is common on RHEL-based operating systems; the Apache path used may need to be adjusted to match the server's installation.

```bash
mkdir /etc/httpd/modsecurity.d
tar -zxvf v{{< param crs_latest_release >}}.tar.gz -C /etc/httpd/modsecurity.d/crs
mkdir {{< param crs_install_dir >}}
tar -xzvf v{{< param crs_latest_release >}}.tar.gz --strip-components 1 -C {{< param crs_install_dir >}}
```

Now all the CRS files will be located below the `{{< param crs_install_dir >}}` directory.

### Setting Up the Main Configuration File

After extracting the rule set files, the next step is to set up the main OWASP Core Rule Set configuration file. An example configuration file is provided as part of the release package, located in the main directory: `crs-setup.conf.example`.
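Review bot: the unchanged paragraph above the code block still says a new `modsecurity.d` folder is created "as outlined below" and that the path scheme is common on RHEL-based systems, but the commands now create `{{< param crs_install_dir >}}` and no longer touch `/etc/httpd/modsecurity.d`. Update or drop that paragraph in the same change so the prose matches the commands. Consider `mkdir -p` as well, so rerunning the step on a host where the directory already exists does not stop at the first command.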
Expand All @@ -95,7 +97,7 @@ In many scenarios, the default example CRS configuration will be a good enough s
Once any settings have been changed within the example configuration file, as needed, it should be renamed to remove the .example portion, like so:

```bash
cd /etc/httpd/modsecurity.d/crs/
cd {{< param crs_install_dir >}}
mv crs-setup.conf.example crs-setup.conf
```

Expand All @@ -104,11 +106,14 @@ mv crs-setup.conf.example crs-setup.conf
The last step is to tell the web server where the rules are. This is achieved by `include`-ing the rule configuration files in the `httpd.conf` file. Again, this example demonstrates using Apache, but the process is similar on other systems (see the [extended install]({{< ref "install.md" >}}) page for details).

```bash
echo 'IncludeOptional /etc/httpd/crs/crs-setup.conf' >> /etc/httpd/conf/httpd.conf
echo 'IncludeOptional /etc/httpd/crs/rules/*.conf' >> /etc/httpd/conf/httpd.conf
echo 'IncludeOptional {{< param crs_install_dir >}}/crs-setup.conf' >> /etc/httpd/conf/httpd.conf
echo 'IncludeOptional {{< param crs_install_dir >}}/plugins/*-config.conf' >> /etc/httpd/conf/httpd.conf
echo 'IncludeOptional {{< param crs_install_dir >}}/plugins/*-before.conf' >> /etc/httpd/conf/httpd.conf
echo 'IncludeOptional {{< param crs_install_dir >}}/rules/*.conf' >> /etc/httpd/conf/httpd.conf
echo 'IncludeOptional {{< param crs_install_dir >}}/plugins/*-after.conf' >> /etc/httpd/conf/httpd.conf
```

Now that everything has been configured, it should be possible to restart and being using the OWASP Core Rule Set. The CRS rules typically require a bit of tuning with rule exclusions, depending on the site and web applications in question. For more information on tuning, see [false positives and tuning]({{< ref "false_positives_tuning.md" >}}).
Now that everything has been configured, it should be possible to restart and being using the OWASP CRS. The CRS rules typically require a bit of tuning with rule exclusions, depending on the site and web applications in question. For more information on tuning, see [false positives and tuning]({{< ref "false_positives_tuning.md" >}}).

```bash
systemctl restart httpd.service
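Review bot: `IncludeOptional` on the `crs-setup.conf` and `rules/*.conf` lines means Apache starts without any error when the path does not exist, so a wrong or mistyped install directory leaves the server running with no CRS rules loaded. Now that the directory is moving, use `Include` for those two lines so a bad path fails the restart, and keep `IncludeOptional` only for the three plugin globs that may legitimately match nothing. The rewritten closing paragraph also carries over the typo "restart and being using"; since the line is being touched, change it to "begin using".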
7 changes: 4 additions & 3 deletions layouts/shortcodes/crsfiles.html
@@ -1,15 +1,16 @@
{{- $urlPre := "https://api.github.com" -}}
{{- $crsversion := .Site.Param "crs_latest_release" -}}
{{- $prefix := .Get "prefix" | default "" -}}
{{- $prefix := .Site.Param "crs_install_dir" -}}
{{- $prepend := .Get "prepend" | default "" -}}
{{- $filesJ := getJSON $urlPre (printf "/repos/coreruleset/coreruleset/git/trees/v%s" $crsversion) "?recursive=1" -}}
{{- $text := slice -}}
{{- range $idx, $file := $filesJ.tree -}}
{{- if eq $file.type "blob" -}}
{{- if strings.HasSuffix $file.path "example" -}}
{{- $text = $text | append (printf "%s%s/%s" $prefix $crsversion (strings.TrimSuffix ".example" $file.path) ) -}}
{{- $text = $text | append (printf "%s%s/%s" $prepend $prefix (strings.TrimSuffix ".example" $file.path) ) -}}
{{- end -}}
{{- if and (eq (path.Dir $file.path) "rules") (strings.HasSuffix $file.path "conf") -}}
{{- $text = $text | append (printf "%s%s/%s" $prefix $crsversion $file.path) -}}
{{- $text = $text | append (printf "%s%s/%s" $prepend $prefix $file.path) -}}
{{- end -}}
{{- end -}}
{{- end -}}
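Review bot: `$prefix` is now read only from `.Site.Param "crs_install_dir"` with no `default`, so the `prefix` argument is silently ignored for any caller that still passes it, and an unset site parameter produces paths that begin with a bare `/`. Either fail the build when the parameter is missing or add a `| default` fallback, and check the remaining uses of the shortcode for a leftover `prefix=` argument. A short comment at the top of the shortcode describing `prepend` and the site parameter it depends on would make the new contract explicit, including the fact that `$crsversion` no longer appears in the emitted paths.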
