Re: [mod-security-users] JSON support was not enabled

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Please specify your Linux OS version, distribution name and what package
repository is used to install nginx modsecurity module?

Eero

On Tue, Mar 26, 2019 at 6:39 AM junaid.khan <jun...@na...> wrote:

> Dear Support
>
>
>
> I need to enable JSON support on mod_sec nginx kindly guide how I enable
> it.
>
>
>
>
>
> 2019/03/19 17:28:22 [error] 5750#0: [client 10.1.1.24] ModSecurity:
> Warning. Match of "within %{tx.allowed_http_versions}" against
> "REQUEST_PROTOCOL" required. [file
> "/usr/local/nginx/conf/owasp-modsecurity-crs/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"]
> [line "1084"] [id "920430"] [msg "HTTP protocol version is not allowed by
> policy"] [data "HTTP/1.1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.1.0"]
> [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"]
> [tag "attack-protocol"] [tag "OWASP_CRS/POLICY/PROTOCOL_NOT_ALLOWED"] [tag
> "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.10"] [hostname ""]
> [uri "/nayapay-middleware-0.0.1/app-data/get-nayapay-id"] [unique_id
> "AcAcAcAcAcAYlcAcAbAcAcA2"]
>
> 2019/03/19 17:28:22 [error] 5750#0: [client 10.1.1.24] ModSecurity: JSON
> support was not enabled [hostname ""] [uri
> "/nayapay-middleware-0.0.1/app-data/get-nayapay-id"] [unique_id
> "AcAcAcAcAcAYlcAcAbAcAcA2"]
>
> 2019/03/19 17:28:22 [error] 5750#0: [client 10.1.1.24] ModSecurity: Access
> denied with code 400 (phase 2). Match of "eq 0" against "REQBODY_ERROR"
> required. [file "/usr/local/nginx/conf/modsecurity.conf"] [line "60"] [id
> "200002"] [msg "Failed to parse request body."] [data ""] [severity
> "CRITICAL"] [hostname ""] [uri
> "/nayapay-middleware-0.0.1/app-data/get-nayapay-id"] [unique_id
> "AcAcAcAcAcAYlcAcAbAcAcA2"]
>
> ^C
>
>
>
> Regards,
>
> *Junaid Khan*  |  *System Administrator*
>
> +92 03018281775   | +92 21 38400633 [Ext: 5531]
>
> jun...@na...   |   www.nayapay.com
>
> [image: cid:image001.png@01D43481.09450210]
>
>
>
>
> _______________________________________________
> mod-security-users mailing list
> mod...@li...
> https://lists.sourceforge.net/lists/listinfo/mod-security-users
> Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
> http://www.modsecurity.org/projects/commercial/rules/
> http://www.modsecurity.org/projects/commercial/support/
>