[Owasp-modsecurity-core-rule-set] Initial report

Bill Miller wbmilleriii at comcast.net
Fri Aug 19 23:05:50 UTC 2016

I was able to install CRS 3.0 on my Ubuntu Apache 2.4 system.

After a few hours of troubleshooting, I have all the REQUESTs working 
successfully except REQUEST-920-PROTOCOL-ENFORCEMENT.conf and 
RESPONSE-950-DATA-LEAKAGES.conf.  They are causing Modsecurity to throw 
syntax errors of the form "Found another rule with the same id".  The 
rules in question are 920011 and 950020.

This is early info and I've done no additional troubleshooting. Since I 
am still running CRS 2.9, that may be where the conflict is.  Or some 
other configuration problem on my side.


More information about the Owasp-modsecurity-core-rule-set mailing list