The latest rules in the GitHub repo (https://github.com/SpiderLabs/owasp-modsecurity-crs) are v2.6.6. This version requires features in v2.7.0 of ModSecurity (ver, accuracy and maturity actions).
If you are using < 2.7.0, you should use the CRS version v2.2.5. Download here - https://github.com/SpiderLabs/owasp-modsecurity-crs/tarball/v2.2.5 -- Ryan Barnett Trustwave SpiderLabs ModSecurity Project Leader OWASP ModSecurity CRS Project Leader From: Pablo Garcia Melga <mal...@gmail.com<mailto:mal...@gmail.com>> Date: Wednesday, September 19, 2012 2:45 PM To: <owasp-modsecurity-core-rule-set@lists.owasp.org<mailto:owasp-modsecurity-core-rule-set@lists.owasp.org>> Subject: [Owasp-modsecurity-core-rule-set] Cannot start apache after adding core rule set Hi, (newbie here), I just finished to compile the mod_security, create a few rules of my own, and everthing worked fine, Until I added the SpiderLabs core rules, now I get this error when I try to restart the apache. "Syntax error on line 52 of /opt/modsecurity/etc/activated_rules/modsecurity_crs_20_protocol_violations.conf: Error parsing actions: Unknown action: ver" If I comment that rule file I get the same problem with the next one, the mod_security is 2.6.7, the rule files are 2.2.6, although I get the PCRE warning in the apache error log, everything works file until I upload this rules, any ideas ? Best Regards, Pablo _______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org<mailto:Owasp-modsecurity-core-rule-set@lists.owasp.org> https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
