On Fri, 2011-05-27 at 16:19 -0500, Ryan Barnett wrote: > Ah, I guess you aren't using ModSecurity v2.6.0. You should use the older > variable name then - REQBODY_PROCESSOR_ERROR >
Ahhh! I'm running on Fedora 13 and am planning to upgrade to Fedora 15 this weekend (time permitting) so I haven't done any updates for some time... REQBODY_PROCESSOR_ERROR works thanks! As always - your help is much appreciated. Mark > Ryan > > On May 27, 2011, at 3:16 PM, "Arthur Dent" > <[email protected]<mailto:[email protected]>> wrote: > > On Thu, 2011-05-26 at 18:11 -0500, Ryan Barnett wrote: > Hello everyone, > I am pleased to announce the release of the OWASP ModSecurity Core Rule Set > (CRS) v2.2.0. This is a significant update as we have added a number of very > important capabilities. > > CHANGE LOG - > > > Hi Ryan, > > I have just installed this CRS update and on restarting Apache I get the > following error: > > # service httpd restart > Stopping httpd: [ OK ] > Starting httpd: Syntax error on line 91 of > /etc/httpd/modsecurity.d/base_rules/modsecurity_crs_20_protocol_violations.conf: > Error creating rule: Unknown variable: REQBODY_ERROR > [FAILED] > > I am just dashing out and don't have time to troubleshoot. For now I > have just commented out lines 90 & 91 > > ##SecRule REQBODY_ERROR "!@eq 0" \ > ## "phase:2,t:none,block,msg:'Failed to parse request > body.',id:'960912',logdata:'%{reqbody_error_msg}',severity:2,setvar:'tx.msg=%{rule.msg}',setvar:'tx.id=%{rule.id}',tag:'RULE_MATURITY/7',tag:'RULE_ACCURACY/8',tag:'https://www.owasp.org/index.php/ModSecurity_CRS_RuleID-%{tx.id}',setvar:tx.anomaly_score=+%{tx.critical_anomaly_score},setvar:tx.protocol_violation_score=+%{tx.critical_anomaly_score},setvar:tx.%{rule.id}-PROTOCOL_VIOLATION/INVALID_REQ-%{matched_var_name}=%{matched_var}" > > What is the proper fix? > > Thanks in advance... > > Mark
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
