On Thu, 2011-05-26 at 18:11 -0500, Ryan Barnett wrote: > Hello everyone, > I am pleased to announce the release of the OWASP ModSecurity Core Rule Set > (CRS) v2.2.0. This is a significant update as we have added a number of very > important capabilities. > > CHANGE LOG - >
Hi Ryan,
I have just installed this CRS update and on restarting Apache I get the
following error:
# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: Syntax error on line 91 of
/etc/httpd/modsecurity.d/base_rules/modsecurity_crs_20_protocol_violations.conf:
Error creating rule: Unknown variable: REQBODY_ERROR
[FAILED]
I am just dashing out and don't have time to troubleshoot. For now I
have just commented out lines 90 & 91
##SecRule REQBODY_ERROR "!@eq 0" \
## "phase:2,t:none,block,msg:'Failed to parse request
body.',id:'960912',logdata:'%{reqbody_error_msg}',severity:2,setvar:'tx.msg=%{rule.msg}',setvar:'tx.id=%{rule.id}',tag:'RULE_MATURITY/7',tag:'RULE_ACCURACY/8',tag:'https://www.owasp.org/index.php/ModSecurity_CRS_RuleID-%{tx.id}',setvar:tx.anomaly_score=+%{tx.critical_anomaly_score},setvar:tx.protocol_violation_score=+%{tx.critical_anomaly_score},setvar:tx.%{rule.id}-PROTOCOL_VIOLATION/INVALID_REQ-%{matched_var_name}=%{matched_var}"
What is the proper fix?
Thanks in advance...
Mark
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
