Hi, I’ve rejigged where my modsecurity files go and run into an error. I’m sure it’s something simple, but I can’t work it out.
I’m seeing huge number of these errors about session.ip_hash and session.ua_hash not having a collection: [Tue Jan 12 16:33:42.379454 2016] [:error] [pid 1925:tid 139976666769152] [client 10.30.82.121] ModSecurity: Could not set variable “session.ip_hash” as the collection does not exist. [hostname “www.reading.ac.uk”] [uri “/mytimetable/m”] [unique_id “VpUq5IbhAVgAAAeFS@UAAAEI”] [Tue Jan 12 16:33:42.379484 2016] [:error] [pid 1925:tid 139976666769152] [client 10.30.82.121] ModSecurity: Could not set variable “session.ua_hash” as the collection does not exist. Disabling modsecurity_crs_16_session_hijacking.conf fixes the errors. I’m running stock Ubuntu 14.04 (modsecurity 2.7.7-2) with the latest OWASP crs rules from git. modsecurity_crs_10_setup.conf is also as stock except for allowing the anomaly scoring. Can anyone help? I did have session-hjacking enabled in the previous config and did not get these errors. Thanks, Richard -- http://www.jonze.com/privacy.html _______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
