modify documentation

README.markdown

@@ -4,13 +4,13 @@ Name
 [![travis-ci](https://travis-ci.org/vislee/ngx_http_waf_module.svg?branch=master)](https://travis-ci.org/vislee/ngx_http_waf_module)
 [![Coverage Status](https://coveralls.io/repos/github/vislee/ngx_http_waf_module/badge.svg?branch=master)](https://coveralls.io/github/vislee/ngx_http_waf_module?branch=master)
 
-The **ngx_http_waf_module** is an open source and high performance web application firewall(WAF) module for Nginx.
+The **ngx_http_waf_module** is an open-source and high-performance simple-rule easy-extend web application firewall(WAF) module for Nginx.
 
-This module must be configured with rules.
 
 Table of Contents
 =================
 * [Name](#name)
+* [Status](#status)
 * [Install](#install)
 * [Example Configuration](#example-configuration)
 * [Directives](#directives)
@@ -19,11 +19,17 @@ Table of Contents
     * [security_waf](#security_waf)
     * [security_check](#security_check)
     * [security_log](#security_log)
+* [New strategy](#new-strategy)
 * [Author](#author)
 * [Copyright and License](#copyright-and-license)
 * [See Also](#see-also)
 
 
+Status
+======
+The ngx_http_waf_module is currently in active development.
+
+
 Install
 =======
 
@@ -67,8 +73,8 @@ http {
             security_waf on;
             security_log ./logs/waf.log;
 
-            security_rule w:1003 z:V_ARGS:test;
-            security_rule 90001 str:eq@vislee s:$BYPASS:4 z:V_HEADERS:name;
+            security_rule wl:1003 z:V_ARGS:test;
+            security_rule id:90001 str:eq@vislee s:$BYPASS:4 z:V_HEADERS:name;
 
             security_check "$HANG>4" LOG;
             security_check "$BYPASS>8" $sec_result;
@@ -95,9 +101,11 @@ security_rule
 
 **context:** *http*
 
-rule format: id:number strategy "s:$TAG:score,$TAG2:score" "z:zones" "note:message";
+Set the general rules. All of `http` containing `location` is visible.
+The rule format: `id:number strategy "s:$TAG:score,$TAG2:score" "z:zones" "note:message";`
 
-+ strategy:
++ id: the rules of the ID.
++ strategy: the rules of strategy.
   + str:[decode_func1|decode_func2][!]le@string
   + str:[decode_func1|decode_func2][!]ge@string
   + str:[decode_func1|decode_func2][!]ct@string
@@ -114,7 +122,7 @@ rule format: id:number strategy "s:$TAG:score,$TAG2:score" "z:zones" "note:messa
 
 >>decode_func: decode_url or decode_base64
 
-+ zones:
++ zones: the match zone.
   + #URL
   + V_URL:string
   + X_URL:regex
@@ -178,6 +186,11 @@ security_log
 [Back to TOC](#table-of-contents)
 
 
+New strategy
+===========
+
+[Back to TOC](#table-of-contents)
+
 
 Author
 ======
@@ -195,6 +208,8 @@ Copyright (C) 2018, by vislee.
 
 All rights reserved.
 
+http://www.gnu.org/licenses/licenses.en.html
+
 
 [Back to TOC](#table-of-contents)
 

README_zh.markdown

@@ -1,12 +1,16 @@
 Name
 =====
 
+[![travis-ci](https://travis-ci.org/vislee/ngx_http_waf_module.svg?branch=master)](https://travis-ci.org/vislee/ngx_http_waf_module)
+[![Coverage Status](https://coveralls.io/repos/github/vislee/ngx_http_waf_module/badge.svg?branch=master)](https://coveralls.io/github/vislee/ngx_http_waf_module?branch=master)
+
 **ngx_http_waf_module** 是一个开源的、高效的、规则简单可配置、策略易扩展的nginx WAF模块。
 
 
 Table of Contents
 =================
 * [Name](#name)
+* [Status](#status)
 * [Install](#install)
 * [Example Configuration](#example-configuration)
 * [Directives](#directives)
@@ -20,6 +24,11 @@ Table of Contents
 * [Copyright and License](#copyright-and-license)
 * [See Also](#see-also)
 
+Status
+======
+ngx_http_waf_module 还处在早期的开发阶段。
+
+
 Install
 =======
 
@@ -96,7 +105,7 @@ security_rule
 规则的格式: `id:number strategy "s:$TAG:score,$TAG2:score" "z:zones" "note:message";`
 
 + id: number取值为数字，规则的唯一编码，唯一代表一条规则。在`白名单`和`日志`记录中使用。
-+ strategy: 规则策略，有以下几种策略。以`str:`开始的是字符串匹配策略。以`libinj:`开始的是调用了第三方libinjection库的策略。以`hash:`开始的是计算hash值的策略。以`libmagic:`开始的是调用了libmagic库通过检测文件魔数获取文件类型。
++ strategy: 规则策略，有以下几种策略。以`str:`开始的是字符串匹配策略。以`libinj:`开始的是调用了第三方(libinjection)[https://github.com/client9/libinjection]库的策略。以`hash:`开始的是计算hash值的策略。以`libmagic:`开始的是调用了libmagic库通过检测文件魔数获取文件类型。
 
   + "str:[decode_func1|decode_func2][!]le@string": [经过decode函数处理后的]字符串[不]小于等于string(字典顺序)
   + "str:[decode_func1|decode_func2][!]ge@string": [经过decode函数处理后的]字符串[不]大于等于string(字典顺序)
@@ -106,7 +115,7 @@ security_rule
   + "str:[decode_func1|decode_func2][!]ew@string": [经过decode函数处理后的]字符串[不是]以string结束
   + "str:[decode_func1|decode_func2][!]rx@regex": [经过decode函数处理后的]字符串[不]符合正则表达式
   + "libinj:[decode_func1|decode_func2][!]sql": [经过decode函数处理后的]字符串[不]存在sql注入
-  + "libinj:[decode_func1|decode_func2][!]xss": [经过decode函数处理后的]字符串[不]存在跨站脚本攻击
+  + "libinj:[decode_func1|decode_func2][!]xss": [经过decode函数处理后的]字符串[不]存在xss攻击
   + "hash:[!]md5@hashcode": 字符串的md5值[不]等于hashcode
   + "hash:[!]crc32@hashcode": 字符串的crc32[不]等于hashcode
   + "hash:[!]crc32_long@hashcode": 字符串的crc32_long[不]等于hashcode
@@ -228,6 +237,7 @@ Copyright (C) 2018, by vislee.
 
 All rights reserved.
 
+http://www.gnu.org/licenses/licenses.zh-cn.html
 
 [Back to TOC](#table-of-contents)