Fix ModSecurity unicode mapping setup

README.md

@@ -5,7 +5,7 @@
 
 A modern web hosting control panel for WordPress and general PHP hosting. Built with Laravel 12, Filament v5, Livewire 4, and Tailwind CSS v4.
 
-Version: 0.9-rc27 (release candidate)
+Version: 0.9-rc28 (release candidate)
 
 This is a release candidate. Expect rapid iteration and breaking changes until 1.0.
 
@@ -156,6 +156,7 @@ php artisan test --compact
 
 ## Initial Release
 
+- 0.9-rc28: ModSecurity unicode mapping setup fixes.
 - 0.9-rc27: Installers now read VERSION when available.
 - 0.9-rc26: Updated installer version banner.
 - 0.9-rc25: Added Gitea installer script.

VERSION

@@ -1 +1 @@
-VERSION=0.9-rc27
+VERSION=0.9-rc28

bin/jabali-agent

@@ -2886,6 +2886,31 @@ function isWafBaseConfigUsable(string $path): bool
         }
     }
 
+    if (preg_match_all('/^\s*SecUnicodeMapFile\s+([^\s]+)\s*/m', $content, $matches)) {
+        $baseDir = dirname($path);
+        foreach ($matches[1] as $mapPath) {
+            $candidates = [];
+            if (str_starts_with($mapPath, '/')) {
+                $candidates[] = $mapPath;
+            } else {
+                $candidates[] = $baseDir . '/' . $mapPath;
+                $candidates[] = '/etc/modsecurity/' . $mapPath;
+            }
+
+            $found = false;
+            foreach ($candidates as $candidate) {
+                if (file_exists($candidate)) {
+                    $found = true;
+                    break;
+                }
+            }
+
+            if (!$found) {
+                return false;
+            }
+        }
+    }
+
     return true;
 }
 

install.sh

@@ -525,11 +525,26 @@ install_packages() {
 
     if command -v locale-gen >/dev/null 2>&1; then
         info "Configuring locales..."
+        if [[ ! -f /etc/locale.gen ]]; then
+            touch /etc/locale.gen
+        fi
         if ! grep -q '^en_US.UTF-8 UTF-8' /etc/locale.gen 2>/dev/null; then
             echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen
         fi
+        if ! grep -q '^C.UTF-8 UTF-8' /etc/locale.gen 2>/dev/null; then
+            echo "C.UTF-8 UTF-8" >> /etc/locale.gen
+        fi
         locale-gen >/dev/null 2>&1 || warn "Locale generation failed"
-        update-locale LANG=en_US.UTF-8 >/dev/null 2>&1 || warn "Failed to set default locale"
+        update-locale LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8 >/dev/null 2>&1 || warn "Failed to set default locale"
+        if [[ ! -f /etc/default/locale ]]; then
+            touch /etc/default/locale
+        fi
+        if ! grep -q '^LANG=' /etc/default/locale 2>/dev/null; then
+            echo "LANG=en_US.UTF-8" >> /etc/default/locale
+        fi
+        if ! grep -q '^LC_ALL=' /etc/default/locale 2>/dev/null; then
+            echo "LC_ALL=en_US.UTF-8" >> /etc/default/locale
+        fi
     fi
 
     # Unhold packages in case user wants to install them manually later
@@ -2092,6 +2107,17 @@ EOF
                 fi
             fi
 
+            # Ensure unicode mapping file (required by SecUnicodeMapFile)
+            if [[ ! -f /etc/modsecurity/unicode.mapping ]]; then
+                if [[ -f /usr/share/modsecurity-crs/util/unicode.mapping ]]; then
+                    cp /usr/share/modsecurity-crs/util/unicode.mapping /etc/modsecurity/unicode.mapping
+                elif [[ -f /usr/share/modsecurity-crs/unicode.mapping ]]; then
+                    cp /usr/share/modsecurity-crs/unicode.mapping /etc/modsecurity/unicode.mapping
+                elif [[ -f /usr/share/modsecurity/unicode.mapping ]]; then
+                    cp /usr/share/modsecurity/unicode.mapping /etc/modsecurity/unicode.mapping
+                fi
+            fi
+
             # Create main include file for nginx if missing
             mkdir -p /etc/nginx/modsec
             if [[ ! -f /etc/nginx/modsec/main.conf ]]; then

install_from_gitea.sh

@@ -525,11 +525,26 @@ install_packages() {
 
     if command -v locale-gen >/dev/null 2>&1; then
         info "Configuring locales..."
+        if [[ ! -f /etc/locale.gen ]]; then
+            touch /etc/locale.gen
+        fi
         if ! grep -q '^en_US.UTF-8 UTF-8' /etc/locale.gen 2>/dev/null; then
             echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen
         fi
+        if ! grep -q '^C.UTF-8 UTF-8' /etc/locale.gen 2>/dev/null; then
+            echo "C.UTF-8 UTF-8" >> /etc/locale.gen
+        fi
         locale-gen >/dev/null 2>&1 || warn "Locale generation failed"
-        update-locale LANG=en_US.UTF-8 >/dev/null 2>&1 || warn "Failed to set default locale"
+        update-locale LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8 >/dev/null 2>&1 || warn "Failed to set default locale"
+        if [[ ! -f /etc/default/locale ]]; then
+            touch /etc/default/locale
+        fi
+        if ! grep -q '^LANG=' /etc/default/locale 2>/dev/null; then
+            echo "LANG=en_US.UTF-8" >> /etc/default/locale
+        fi
+        if ! grep -q '^LC_ALL=' /etc/default/locale 2>/dev/null; then
+            echo "LC_ALL=en_US.UTF-8" >> /etc/default/locale
+        fi
     fi
 
     # Unhold packages in case user wants to install them manually later
@@ -2092,6 +2107,17 @@ EOF
                 fi
             fi
 
+            # Ensure unicode mapping file (required by SecUnicodeMapFile)
+            if [[ ! -f /etc/modsecurity/unicode.mapping ]]; then
+                if [[ -f /usr/share/modsecurity-crs/util/unicode.mapping ]]; then
+                    cp /usr/share/modsecurity-crs/util/unicode.mapping /etc/modsecurity/unicode.mapping
+                elif [[ -f /usr/share/modsecurity-crs/unicode.mapping ]]; then
+                    cp /usr/share/modsecurity-crs/unicode.mapping /etc/modsecurity/unicode.mapping
+                elif [[ -f /usr/share/modsecurity/unicode.mapping ]]; then
+                    cp /usr/share/modsecurity/unicode.mapping /etc/modsecurity/unicode.mapping
+                fi
+            fi
+
             # Create main include file for nginx if missing
             mkdir -p /etc/nginx/modsec
             if [[ ! -f /etc/nginx/modsec/main.conf ]]; then