Closed darrellenns closed 6 years ago
This has been discussed and is a major contributing factor to why geolite2 support was added to modsecv3 in the last push. Unfortunately, it does not appear there is much desire to add the same support for v2 modsec. For more information you can see this ticket https://github.com/SpiderLabs/ModSecurity/issues/1727
Perhaps some notes in the documentation/config sample/update script are in order? At the moment, there is nothing that would let users know that they aren't getting any updates.
As it currently stands, CRS does not receive any GeoIP updates (it's stuck on the March 2018 version). CRS would need to be migrated to use the "GeoLite2" database in order to receive free updates.
https://dev.maxmind.com/geoip/legacy/geolite/ https://support.maxmind.com/geolite-legacy-discontinuation-notice/