Hi Ryan, Thanks! I was afraid that might be the root cause, but great to know where to focus my efforts.
Best, Matt Thomas Founder betweenbrain <http://betweenbrain.com/>™ Lead Developer Construct Template Development Framework<http://construct-framework.com/> Phone: 203.632.9322 Twitter: @betweenbrain Github: https://github.com/betweenbrain On Fri, Feb 17, 2012 at 10:16 AM, Ryan Barnett <rbarn...@trustwave.com>wrote: > Hey Matt, > You need to be running at least mod_security v2.5.12 to get the macro > support for numeric operators. > > -- > Ryan Barnett > Trustwave SpiderLabs > ModSecurity Project Leader > OWASP ModSecurity CRS Project Leader > > From: Matt Thomas <m...@betweenbrain.com<mailto:m...@betweenbrain.com>> > Date: Fri, 17 Feb 2012 09:08:06 -0600 > To: "owasp-modsecurity-core-rule-set@lists.owasp.org<mailto: > owasp-modsecurity-core-rule-set@lists.owasp.org>" < > owasp-modsecurity-core-rule-set@lists.owasp.org<mailto: > owasp-modsecurity-core-rule-set@lists.owasp.org>> > Subject: [Owasp-modsecurity-core-rule-set] tx.max_num_args issue > > Hi Folks, > > I've recently started using the 2.2.3 ruleset with mod_security 2.5.11-1 > (Ubuntu 10.04). I'm having an issue with with a standard Joomla 2.5.1 > install triggering line 31 or > base_rules/modsecurity_crs_23_request_limits.conf "Too many arguments in > request". I'm using an unmodified version of > modsecurity_crs_10_config.conf. When I adjust max_num_args in > modsecurity_crs_10_config.conf, it doesn't seem to have any affect on the > above issue. I've tried anywhere from 1 to 400000. I am restarting Apache > between each change. But, if I comment out SecAction > "phase:1,id:'981211',t:none,nolog,pass,setvar:tx.max_num_args=255" the too > many arguments issue is resolved. > > It appears as if the numerical changes I am making to max_num_args aren't > being loaded. I'm not sure. Any ideas? > > Thanks in advance! > > Best, > > Matt Thomas > Founder betweenbrain<http://betweenbrain.com/>™ > Lead Developer Construct Template Development Framework< > http://construct-framework.com/> > Phone: 203.632.9322<tel:203.632.9322> > Twitter: @betweenbrain > Github: https://github.com/betweenbrain > > > ________________________________ > This transmission may contain information that is privileged, > confidential, and/or exempt from disclosure under applicable law. If you > are not the intended recipient, you are hereby notified that any > disclosure, copying, distribution, or use of the information contained > herein (including any reliance thereon) is STRICTLY PROHIBITED. If you > received this transmission in error, please immediately contact the sender > and destroy the material in its entirety, whether in electronic or hard > copy format. > >
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
