mind that a rule reload temporary doubles the states requirement.
.. _deprecation policy: https://suricata.io/our-story/deprecation-policy/
+
+.. _suricata-yaml-config-hardening:
+
+Configuration hardening
+-----------------------
+
+Lua
+~~~
+
+Suricata 6.0.13 disables Lua rules by default. Lua rules can be
+enabled in the ``security.lua`` section of the configuration file:
+
+::
+
+ security:
+ lua:
+ # Allow Lua rules. Disabled by default.
+ #allow-rules: false
Lua Scripting
=============
+.. note:: Lua is disabled by default for use in rules, it must be
+ enabled in the configuration file. See the ``security.lua``
+ section of ``suricata.yaml`` and enable ``allow-rules``.
+
Syntax:
::
Major updates include new features, new default settings and often also
remove features.
+Upgrading to 6.0.13
+-------------------
+- Lua rules have been disabled. To enable them see
+ :ref:`suricata-yaml-config-hardening`.
+
Upgrading from 6.0.4 to 6.0.5
-----------------------------
- FTP has been updated with a maximum command request and response line length of 4096 bytes. To change the default see :ref:`suricata-yaml-configure-ftp`.
projects / thirdparty / suricata.git / commitdiff
