Ensure ModSecurity unicode mapping is present

README.md

@@ -5,7 +5,7 @@
 
 A modern web hosting control panel for WordPress and general PHP hosting. Built with Laravel 12, Filament v5, Livewire 4, and Tailwind CSS v4.
 
-Version: 0.9-rc28 (release candidate)
+Version: 0.9-rc29 (release candidate)
 
 This is a release candidate. Expect rapid iteration and breaking changes until 1.0.
 
@@ -156,6 +156,7 @@ php artisan test --compact
 
 ## Initial Release
 
+- 0.9-rc29: Ensure ModSecurity unicode mapping is installed automatically.
 - 0.9-rc28: ModSecurity unicode mapping setup fixes.
 - 0.9-rc27: Installers now read VERSION when available.
 - 0.9-rc26: Updated installer version banner.

VERSION

@@ -1 +1 @@
-VERSION=0.9-rc28
+VERSION=0.9-rc29

bin/jabali-agent

@@ -2781,6 +2781,8 @@ function ensureJabaliNginxIncludeFiles(): void
         @mkdir(JABALI_NGINX_INCLUDES, 0755, true);
     }
 
+    ensureWafUnicodeMapFile();
+
     $baseConfig = findWafBaseConfig();
     $shouldDisableWaf = $baseConfig === null;
 
@@ -2802,6 +2804,36 @@ function ensureJabaliNginxIncludeFiles(): void
     }
 }
 
+function ensureWafUnicodeMapFile(): void
+{
+    $target = '/etc/modsecurity/unicode.mapping';
+    if (file_exists($target)) {
+        return;
+    }
+
+    $sources = [
+        '/usr/share/modsecurity-crs/util/unicode.mapping',
+        '/usr/share/modsecurity-crs/unicode.mapping',
+        '/usr/share/modsecurity/unicode.mapping',
+        '/etc/nginx/unicode.mapping',
+        '/usr/share/nginx/docs/modsecurity/unicode.mapping',
+    ];
+
+    foreach ($sources as $source) {
+        if (!file_exists($source)) {
+            continue;
+        }
+
+        if (!is_dir('/etc/modsecurity')) {
+            @mkdir('/etc/modsecurity', 0755, true);
+        }
+
+        if (@copy($source, $target)) {
+            break;
+        }
+    }
+}
+
 function ensureNginxServerIncludes(array $includeLines): array
 {
     $files = glob('/etc/nginx/sites-enabled/*.conf') ?: [];
@@ -2927,6 +2959,7 @@ function wafApplySettings(array $params): array
     $prevRules = file_exists(JABALI_WAF_RULES) ? file_get_contents(JABALI_WAF_RULES) : null;
 
     if ($enabled) {
+        ensureWafUnicodeMapFile();
         $baseConfig = findWafBaseConfig();
         if (!$baseConfig) {
             file_put_contents(JABALI_WAF_INCLUDE, "# Managed by Jabali\nmodsecurity off;\n");

install.sh

@@ -2115,6 +2115,10 @@ EOF
                     cp /usr/share/modsecurity-crs/unicode.mapping /etc/modsecurity/unicode.mapping
                 elif [[ -f /usr/share/modsecurity/unicode.mapping ]]; then
                     cp /usr/share/modsecurity/unicode.mapping /etc/modsecurity/unicode.mapping
+                elif [[ -f /etc/nginx/unicode.mapping ]]; then
+                    cp /etc/nginx/unicode.mapping /etc/modsecurity/unicode.mapping
+                elif [[ -f /usr/share/nginx/docs/modsecurity/unicode.mapping ]]; then
+                    cp /usr/share/nginx/docs/modsecurity/unicode.mapping /etc/modsecurity/unicode.mapping
                 fi
             fi
 

install_from_gitea.sh

@@ -2115,6 +2115,10 @@ EOF
                     cp /usr/share/modsecurity-crs/unicode.mapping /etc/modsecurity/unicode.mapping
                 elif [[ -f /usr/share/modsecurity/unicode.mapping ]]; then
                     cp /usr/share/modsecurity/unicode.mapping /etc/modsecurity/unicode.mapping
+                elif [[ -f /etc/nginx/unicode.mapping ]]; then
+                    cp /etc/nginx/unicode.mapping /etc/modsecurity/unicode.mapping
+                elif [[ -f /usr/share/nginx/docs/modsecurity/unicode.mapping ]]; then
+                    cp /usr/share/nginx/docs/modsecurity/unicode.mapping /etc/modsecurity/unicode.mapping
                 fi
             fi