Re: [mod-security-users] JSON support was not enabled

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

In your modsec conf append the line in yellow.
If you already have this line and is not working, maybe is because the
modsec was not compiled with the json support

SecDebugLogLevel 3
# -- Audit log configuration -------------------------------------------------
# Log the transactions that are marked by a rule, as well as those that
# trigger a server error (determined by a 5xx or 4xx, excluding 404,
# level response status codes).
#
SecAuditLogDirMode 1733
SecAuditLogFileMode 0550
SecAuditLogFormat JSON
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus "^(?:5|4)"
# Log everything we know about a transaction.
SecAuditLogParts ABCHIZ

Cheers.

El mar., 26 de mar. de 2019 01:39, junaid.khan <jun...@na...>
escribió:

> Dear Support
>
>
>
> I need to enable JSON support on mod_sec nginx kindly guide how I enable
> it.
>
>
>
>
>
> 2019/03/19 17:28:22 [error] 5750#0: [client 10.1.1.24] ModSecurity:
> Warning. Match of "within %{tx.allowed_http_versions}" against
> "REQUEST_PROTOCOL" required. [file
> "/usr/local/nginx/conf/owasp-modsecurity-crs/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"]
> [line "1084"] [id "920430"] [msg "HTTP protocol version is not allowed by
> policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.1.0"]
> [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"]
> [tag "attack-protocol"] [tag "OWASP_CRS/POLICY/PROTOCOL_NOT_ALLOWED"] [tag
> "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.10"] [hostname ""]
> [uri "/nayapay-middleware-0.0.1/app-data/get-nayapay-id"] [unique_id
> "AcAcAcAcAcAYlcAcAbAcAcA2"]
>
> 2019/03/19 17:28:22 [error] 5750#0: [client 10.1.1.24] ModSecurity: JSON
> support was not enabled [hostname ""] [uri
> "/nayapay-middleware-0.0.1/app-data/get-nayapay-id"] [unique_id
> "AcAcAcAcAcAYlcAcAbAcAcA2"]
>
> 2019/03/19 17:28:22 [error] 5750#0: [client 10.1.1.24] ModSecurity: Access
> denied with code 400 (phase 2). Match of "eq 0" against "REQBODY_ERROR"
> required. [file "/usr/local/nginx/conf/modsecurity.conf"] [line "60"] [id
> "200002"] [msg "Failed to parse request body."] [data ""] [severity
> "CRITICAL"] [hostname ""] [uri
> "/nayapay-middleware-0.0.1/app-data/get-nayapay-id"] [unique_id
> "AcAcAcAcAcAYlcAcAbAcAcA2"]
>
> ^C
>
>
>
> Regards,
>
> *Junaid Khan*  |  *System Administrator*
>
> +92 03018281775   | +92 21 38400633 [Ext: 5531]
>
> jun...@na...   |   www.nayapay.com
>
> [image: cid:image001.png@01D43481.09450210]
>
>
>
>
> _______________________________________________
> mod-security-users mailing list
> mod...@li...
> https://lists.sourceforge.net/lists/listinfo/mod-security-users
> Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
> http://www.modsecurity.org/projects/commercial/rules/
> http://www.modsecurity.org/projects/commercial/support/
>