|
From: Eero V. <eer...@ik...> - 2019-12-30 16:24:42
|
Hi, OWASP ruleset? You mean crs ruleset? what version? that repository also compiles packages from source. Eero On Mon, Dec 30, 2019 at 6:03 PM Dino Edwards via mod-security-users < mod...@li...> wrote: > I’m using the OWASP ruleset. > > > > I haven’t tried that repository. Just trying to build from source. > > > > *From:* Eero Volotinen <eer...@ik...> > *Sent:* Monday, December 30, 2019 5:52 AM > *To:* Dino Edwards <din...@my...> > *Subject:* Re: [mod-security-users] This version of ModSecurity was not > compiled with GeoIP or MaxMind support > > > > Please at least provide rulesets that your are using. > > > > Have you tested this repository: > https://github.com/phusion/nginx-modsecurity-ubuntu#building-the-package > > > > Eero > > > > On Mon, Dec 30, 2019 at 12:30 PM Dino Edwards via mod-security-users < > mod...@li...> wrote: > > Hi Eero > > > > Here’s the relevant command lines. > > > > Compile Modsecurity (I have tried with ./configure > –enable-standalone-module AND/OR ./configure –with-geoip=yes AND/OR > ./configure –with-maxmind=yes) > > > > sh build.sh && \ > > /usr/bin/git submodule init && \ > > /usr/bin/git submodule update && \ > > ./configure && \ > > make && \ > > make install > > > > Compile Nginx ( have tried with ./configure --with-http_geoip_module AND > ./configure --with-http_geoip_module=dynamic) > > > > ./configure --user=www-data --group=www-data --with-pcre-jit --with-debug > --with-http_ssl_module --with-http_realip_module > --add-module=/opt/headers-more-nginx-module-master > --add-module=/opt/ModSecurity-nginx --prefix=/usr/local/nginx > --conf-path=/usr/local/nginx/conf/nginx.conf && \ > > make && \ > > make install > > > > Thanks! > > > > > > *From:* Eero Volotinen <eer...@ik...> > *Sent:* Sunday, December 29, 2019 7:05 AM > *To:* mod...@li... > *Cc:* Dino Edwards <din...@my...> > *Subject:* Re: [mod-security-users] This version of ModSecurity was not > compiled with GeoIP or MaxMind support > > > > please provide full commandline for compilation of software. > > > > Eero > > > > On Sun 29. Dec 2019 at 12.28, Dino Edwards via mod-security-users < > mod...@li...> wrote: > > HI, > > > > I’m having a problem with libmodsecurity (Modsecurity 3.0.3-114) or Nginx > or both, I can’t tell which. Everytime I try to start Nginx on Ubuntu > 18.04, it throws the following error: > > > > nginx: [emerg] "modsecurity_rules_file" directive Rules error. File: > /usr/local/nginx/conf/modsecurity/../rules/REQUEST-910-IP-REPUTATION.conf. > Line: 73. Column: 22. This version of ModSecurity was not compiled with > GeoIP or MaxMind support. > > > > I originally installed GeoIP which didn’t work and then I installed > MaxMind which didn’t work either. > > > > When I compile libmodsecurity it looks like it finds GeoIP/MaxMind: > > > > Optional dependencies > > + GeoIP/MaxMind ....found > > * (MaxMind) v1.4.2 > > -lmaxminddb , -DWITH_MAXMIND -I/usr/include/x86_64-linux-gnu > > * (GeoIP) v1.6.12 > > -lGeoIP , -I/usr/include/ > > > > I tried compiling with –with-maxind=yes and with –with-geoip=yes flags > still same problem. > > > > I compile nginx with either the –with-http_geoip_module OR > –with-http_geoip_module=dynamic flags same error. > > > > I’m not sure where to go from there. The only way I can get Nginx to start > without throwing that error is to remove the REQUEST-910-IP-REPUTATION.conf > rule. > > > > I would appreciate some help. > > > > Thanks! > > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ > > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ > > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ > |
