On Sat, Aug 20, 2016 at 05:00:29PM -0500, Bill Miller wrote: > Conflicts were with optional rules in CRS2.9, all resolved. > > Ran CRS3 for 24 hours on virtual machine with no problems. > > Just moved to production server to continue testing.
Cool. Glad to hear it worked. Please keep up posted how you fare in prod. That fact you are (if I dare say) - _not_ a ModSec expert makes your reports all the more valuable. Ahoj, Christian > > On 08/19/2016 06:05 PM, Bill Miller wrote: > >I was able to install CRS 3.0 on my Ubuntu Apache 2.4 system. > > > >After a few hours of troubleshooting, I have all the REQUESTs > >working successfully except REQUEST-920-PROTOCOL-ENFORCEMENT.conf > >and RESPONSE-950-DATA-LEAKAGES.conf. They are causing Modsecurity > >to throw syntax errors of the form "Found another rule with the > >same id". The rules in question are 920011 and 950020. > > > >This is early info and I've done no additional troubleshooting. > >Since I am still running CRS 2.9, that may be where the conflict > >is. Or some other configuration problem on my side. > > > >Cheers, > >Bill > >_______________________________________________ > >Owasp-modsecurity-core-rule-set mailing list > >Owasp-modsecurity-core-rule-set@lists.owasp.org > >https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set > > > > _______________________________________________ > Owasp-modsecurity-core-rule-set mailing list > Owasp-modsecurity-core-rule-set@lists.owasp.org > https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set -- https://www.feistyduck.com/training/modsecurity-training-course mailto:christian.fol...@netnea.com twitter: @ChrFolini _______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set