It seems as if you have enabled the experimental rules namely modsecurity_crs_61_ip_forensics.conf. Without looking directly at the code, it looks as if the particular rule is trying to do WHOIS lookup. My advice would be that you might consider disabling the particular rules you donĀ¹t need. If you need these rules (or want them) I can certainly look more closely at the LUA script and see where the problem might arise.
On 7/8/15, 10:49 AM, "Bill Miller" <wbmiller...@comcast.net> wrote: >Hello, >I've been setting up modsecurity-crs and I've managed to eliminate all >the error messages save one, namely > >Message: Lua: Script execution failed: >/usr/share/modsecurity-crs/lua/gather_ip_data.lua:8: attempt to >concatenate local 'remote_addr' (a nil value) > >This message shows up in modsec_audit.log every time the >modsecurity_crs_60_correlation.conf rule is triggered. > >Any information on how to go about fixing this would be most >appreciated. Google searching has been fruitless. > >Thanks in advance, >Bill >_______________________________________________ >Owasp-modsecurity-core-rule-set mailing list >Owasp-modsecurity-core-rule-set@lists.owasp.org >http://scanmail.trustwave.com/?c=4062&d=3L6d1Xgeb8uYenYYXLrpkJXDRrC-WD4vtd >2MDWBwqQ&s=5&u=https%3a%2f%2flists%2eowasp%2eorg%2fmailman%2flistinfo%2fow >asp-modsecurity-core-rule-set ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. _______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
