Update release notes. Fix the modsec conf issue.

Nikolay Tkachenko · Nikolay Tkachenko · commit 669e28208b1b · 2025-06-09T02:39:40.000+03:00
diff --git a/cmd/api-firewall/tests/wallarm_api2_update.db b/cmd/api-firewall/tests/wallarm_api2_update.db
diff --git a/docs/release-notes.md b/docs/release-notes.md
@@ -2,10 +2,11 @@
 
 This page describes new releases of Wallarm API Firewall.
 
-## v0.9.2 (2025-06-06)
+## v0.9.2 (2025-06-09)
 
 * Added Prometheus metrics support in the `API` mode
 * Added support of the env vars in the API-Firewall pkg
+* Add ModSecurity-specific validation configuration options (#127)
 * Dependency upgrade
 
 ## v0.9.1 (2025-04-23)
diff --git a/internal/config/modsec.go b/internal/config/modsec.go
@@ -13,8 +13,8 @@ import (
 type ModSecurity struct {
 	ConfFiles          []string `conf:"env:MODSEC_CONF_FILES"`
 	RulesDir           string   `conf:"env:MODSEC_RULES_DIR"`
-	RequestValidation  string   `conf:"env:MODSEC_REQUEST_VALIDATION validate:"required,oneof=DISABLE BLOCK LOG_ONLY"`
-	ResponseValidation string   `conf:"env:MODSEC_RESPONSE_VALIDATION" validate:"required,oneof=DISABLE BLOCK LOG_ONLY"`
+	RequestValidation  string   `conf:"env:MODSEC_REQUEST_VALIDATION" validate:"omitempty,oneof=DISABLE BLOCK LOG_ONLY"`
+	ResponseValidation string   `conf:"env:MODSEC_RESPONSE_VALIDATION" validate:"omitempty,oneof=DISABLE BLOCK LOG_ONLY"`
 }
 
 func LoadModSecurityConfiguration(cfg *ModSecurity, logger zerolog.Logger) (coraza.WAF, error) {
