Hi Bill, On Fri, Aug 19, 2016 at 06:05:50PM -0500, Bill Miller wrote: > I was able to install CRS 3.0 on my Ubuntu Apache 2.4 system.
Cool. Thanks for reporting. > After a few hours of troubleshooting, I have all the REQUESTs > working successfully except REQUEST-920-PROTOCOL-ENFORCEMENT.conf > and RESPONSE-950-DATA-LEAKAGES.conf. They are causing Modsecurity > to throw syntax errors of the form "Found another rule with the same > id". The rules in question are 920011 and 950020. > ... > Since I am still running CRS 2.9, that may be where the conflict is. These are rules from the optionalr_rules folder of CRS 2.2.x. The CRS3 INSTALL file warns against parallel installations. However, we support parallel installations with the base_rules of CRS2, but not with any additional optional_rules and experimental_rules. slr_rules would work though. Once you remove the said rules from your old rules files, the parallel install should work. For a more smooth transition, the official stance is to remove all the CRS2 rules before you deploy CRS3. Cheers, Christian -- History teaches us that men and nations behave wisely once they have exhausted all other alternatives. -- Abba Eban _______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
