PGP signatures for ModSec rules?

Customer support forums for the modsecurity rules feed. There is no such thing as a bad question here as long as it pertains to using the real time modsecurity rules feed. Newbies feel free to get help getting started or asking questions that may be obvious.
David Robb
New Forum User
New Forum User
Posts: 1
Joined: Mon Apr 25, 2016 9:25 pm
Location: Auckland

PGP signatures for ModSec rules?

Unread post by David Robb »


The daily modsecurity rules tarballs used to have a .asc file available with them with a PGP signature for the file, but now I can't find that .asc file (I use it to check that the modsec rules are valid). Are they intentionally no longer signed?

Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8330
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth

Re: PGP signatures for ModSec rules?

Unread post by scott »

For the moment yes they are disabled. For infrastructure/update speed reasons the archives are generated on the mirrors. We'll probably augment this with sha512 hashes like we do with the installers.
Post Reply