[Owasp-modsecurity-core-rule-set] CRS-3.0.2 : rules 941100 and 950130
chaim at chaimsanders.com
Fri Jul 28 15:52:40 UTC 2017
Sorry for the trouble you've been having. You've stumbled across a known
bug. This is due to a bug in a few older Apache versions (as described here
There are two different approaches to fixing it. Either upgrade Apache, or
you can go to the location specified in the error (line 36 of
DATA-LEAKAGES) and add a space before the line continuation ( '\' ). Thank
you for reaching out to us, let me know if this solves the issue!
On Fri, Jul 28, 2017 at 12:30 AM, Philippe Naudin <naudin at supagro.inra.fr>
> I have a problem with the installation of CRS and I am not able to
> understand it.
> On a Debian Jessie, with libapache2-mod-security2-2.9.1-2~bpo8+1 and
> owasp-modsecurity-crs from github.com/SpiderLabs, apache2 -t gives the
> following error :
> AH00526: Syntax error on line 40
> of /etc/modsecurity/crs/REQUEST-941-APPLICATION-ATTACK-XSS.conf Error
> parsing actions: Unknown action: \\
> After commenting out rule 941100, there is another error :
> AH00526: Syntax error on line 36
> of /etc/modsecurity/crs/RESPONSE-950-DATA-LEAKAGES.conf Error parsing
> actions: Unknown action: \\
> Once rules 941100 and 950130 have been commented, apache can read its
> configuration and work correctly (also tested in paranoia levels 2
> and 3).
> Using debian's package modsecurity-crs-3.0.0-3~bpo8+1, there is no
> problem at all.
> Do you know some test or log or whatever that can help me to find the
> origin of this problem ?
> Philippe Naudin
> Owasp-modsecurity-core-rule-set mailing list
> Owasp-modsecurity-core-rule-set at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-modsecurity-core-rule-set