2 Commits

Author SHA1 Message Date
Felipe Zimmerle
b5398abaf2 Forces downloads using https-only for resources or rules
This commit makes ModSecurity to refuse to download or install rules
(SecRemoteRules) from sites that are not running HTTPS with a valid and
trusted certificate.
2014-11-14 11:53:40 -08:00
Felipe Zimmerle
899ee0c365 Adds support to load remote resources to pmFromFile and ipMatchFromFile
Initially those directives were only able to load content from a
local file. This commit extends this functionality allowing the user to
provide an HTTP URI that can be downloaded and loaded by ModSecurity.
Initially the download is associated with a server restart. For next
versions we expect to load such resources as it become outdated (Without
need to resetart the server).
2014-11-14 11:53:40 -08:00