Re: [Owasp-modsecurity-core-rule-set] None of the SLR rules work.

Gene Sat, 08 Dec 2012 20:50:15 -0800

________________________________
 From: Josh Amishav-Zlatin <jam...@gmail.com>
To: ot...@ahhyes.net 
Cc: "owasp-modsecurity-core-rule-set@lists.owasp.org" 
<owasp-modsecurity-core-rule-set@lists.owasp.org> 
Sent: Thursday, 6 December 2012, 9:12
Subject: Re: [Owasp-modsecurity-core-rule-set] None of the SLR rules work.

On Thu, Dec 6, 2012 at 7:40 AM, <ot...@ahhyes.net> wrote:

I noticed someone else reported this issue to the mailing list in October:
>
>http://lists.owasp.org/pipermail/owasp-modsecurity-core-rule-set/2012-October/001228.html
>
>Why wasn't this replied to? This doesnt make me feel optimistic that anyone 
>will be replying to my question either.
>
>

Hi,

Some of the SLR rules are missing id's, which was an oversight. I'm not sure if 
Ryan has some sort of system when assigning rule id's or if anyone can just 
assign an arbitrary unused id and submit the change for inclusion via git.

--
 - Josh

Hi

If you're allocating id's yourself, I posted the clip below in another thread a 
couple weeks ago, it might be useful:

http://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual#id

It sets out reserved ranges including this one:
1–99,999: reserved for local (internal) use. Use as you see fit, but do 
not use this range for rules that are distributed to others 

Surely enough, I notice that all the SLR rules are missing id's, why is that?
>
>
>
>On 2012-12-06 15:32, ot...@ahhyes.net wrote:
>
>Hi Guys,
>>
>>I am running ModSecurity v2.7.1 and ver.2.2.7 of the owasp ruleset
>>(from the modsecurity website).
>>
>>I am not having any problems with the base ruleset, however if I try
>>to include any of the SLR rules, they all error out. For example:
>>
>>Syntax error on line 17 of
>>
>>/usr/local/apache/conf/modsec_slr_rules/modsecurity_crs_46_slr_et_joomla_attacks.conf:
>>ModSecurity: No action id present within the rule
>>
>>All of the rules under the SLR directory exhibit this issue.
>>
>>Googling has revealed cryptic and unhelpful results. Any ideas on
>>what is causing the problem?? I have the CRS config setup for Anomaly
>>scoring mode.
>>
>>Alex.
>>
>>_______________________________________________
>>Owasp-modsecurity-core-rule-set mailing list
>>Owasp-modsecurity-core-rule-set@lists.owasp.org
>>
>>https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
>>
_______________________________________________
>Owasp-modsecurity-core-rule-set mailing list
>Owasp-modsecurity-core-rule-set@lists.owasp.org
>https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
>

_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
Owasp-modsecurity-core-rule-set@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set

_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
Owasp-modsecurity-core-rule-set@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set

Re: [Owasp-modsecurity-core-rule-set] None of the SLR rules work.

Reply via email to