Conflicts were with optional rules in CRS2.9, all resolved.
Ran CRS3 for 24 hours on virtual machine with no problems.
Just moved to production server to continue testing.
On 08/19/2016 06:05 PM, Bill Miller wrote:
I was able to install CRS 3.0 on my Ubuntu Apache 2.4 system.
After a few hours of troubleshooting, I have all the REQUESTs working
successfully except REQUEST-920-PROTOCOL-ENFORCEMENT.conf and
RESPONSE-950-DATA-LEAKAGES.conf. They are causing Modsecurity to
throw syntax errors of the form "Found another rule with the same
id". The rules in question are 920011 and 950020.
This is early info and I've done no additional troubleshooting. Since
I am still running CRS 2.9, that may be where the conflict is. Or
some other configuration problem on my side.
Cheers,
Bill
_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
Owasp-modsecurity-core-rule-set@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
Owasp-modsecurity-core-rule-set@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
