[Owasp-modsecurity-core-rule-set] CRS-3.0.2 : rules 941100 and 950130

Philippe Naudin naudin at supagro.inra.fr
Fri Jul 28 07:30:17 UTC 2017


Hello,

I have a problem with the installation of CRS and I am not able to
understand it. 
On a Debian Jessie, with libapache2-mod-security2-2.9.1-2~bpo8+1 and
owasp-modsecurity-crs from github.com/SpiderLabs, apache2 -t gives the
following error :

AH00526: Syntax error on line 40
of /etc/modsecurity/crs/REQUEST-941-APPLICATION-ATTACK-XSS.conf Error
parsing actions: Unknown action: \\

After commenting out rule 941100, there is another error :

AH00526: Syntax error on line 36
of /etc/modsecurity/crs/RESPONSE-950-DATA-LEAKAGES.conf Error parsing
actions: Unknown action: \\

Once rules 941100 and 950130 have been commented, apache can read its
configuration and work correctly (also tested in paranoia levels 2 
and 3).

Using debian's package modsecurity-crs-3.0.0-3~bpo8+1, there is no
problem at all.

Do you know some test or log or whatever that can help me to find the 
origin of this problem ?

Thanks,

-- 
Philippe Naudin


More information about the Owasp-modsecurity-core-rule-set mailing list