Re: [mod-security-users] Upgrade to owasp-coreruleset 4.13.0

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi Christian,

ls -la  /usr/local/etc/modsecurity/owasp-modsecurity-crs/crs-setup.conf
-rw-r--r--  1 mbaki mbaki 35639 Mar 31 11:18
/usr/local/etc/modsecurity/owasp-modsecurity-crs/crs-setup.conf

Also

mbaki@waf:~ $ ls -la  /usr/local/etc/modsecurity/owasp-modsecurity-crs/
total 320
drwxr-xr-x  9 mbaki mbaki   1024 Apr  5 10:47 .
drwxr-xr-x  4 root  wheel    512 Apr  5 10:57 ..
-rw-r--r--  1 mbaki mbaki    518 Mar 31 11:18 .editorconfig
drwxr-xr-x  5 mbaki mbaki    512 Mar 31 11:18 .github
-rw-r--r--  1 mbaki mbaki    661 Mar 31 11:18 .gitignore
-rw-r--r--  1 mbaki mbaki      0 Mar 31 11:18 .gitmodules
-rw-r--r--  1 mbaki mbaki    315 Mar 31 11:18 .linelint.yml
-rw-r--r--  1 mbaki mbaki    432 Mar 31 11:18 .pre-commit-config.yaml
-rw-r--r--  1 mbaki mbaki    751 Mar 31 11:18 .yamllint.yml
-rw-r--r--  1 mbaki mbaki 144155 Mar 31 11:18 CHANGES.md
-rw-r--r--  1 mbaki mbaki  28523 Mar 31 11:18 CONTRIBUTING.md
-rw-r--r--  1 mbaki mbaki   6564 Mar 31 11:18 CONTRIBUTORS.md
-rw-r--r--  1 mbaki mbaki  11489 Mar 31 11:18 INSTALL.md
-rw-r--r--  1 mbaki mbaki   2783 Mar 31 11:18 KNOWN_BUGS.md
-rw-r--r--  1 mbaki mbaki  11347 Mar 31 11:18 LICENSE
-rw-r--r--  1 mbaki mbaki   2871 Mar 31 11:18 README.md
-rw-r--r--  1 mbaki mbaki   4543 Mar 31 11:18 SECURITY.md
-rw-r--r--  1 mbaki mbaki     89 Mar 31 11:18 SPONSORS.md
-rw-r--r--  1 mbaki mbaki  35639 Mar 31 11:18 crs-setup.conf
drwxr-xr-x  2 mbaki mbaki    512 Mar 31 11:18 docs
drwxr-xr-x  2 mbaki mbaki    512 Mar 31 11:18 plugins
drwxr-xr-x  4 mbaki mbaki   2560 Mar 31 11:18 regex-assembly
-rw-r--r--  1 mbaki mbaki    222 Mar 31 11:18 renovate.json
drwxr-xr-x  2 mbaki mbaki   2048 Apr  5 09:55 rules
drwxr-xr-x  5 mbaki mbaki    512 Mar 31 11:18 tests
drwxr-xr-x  5 mbaki mbaki    512 Mar 31 11:18 util

Thanks
Monah

On Sat, Apr 5, 2025 at 4:26 PM Christian Folini <chr...@ne...>
wrote:

> Hey Monah,
>
> Are you sure the file
>
> /usr/local/etc/modsecurity/owasp-modsecurity-crs/crs-setup.conf
>
> exists?
>
> The error message clearly says it can't be read:
>
> CRS is deployed without configuration!
> Please copy the crs-setup.conf.example template to crs-setup.conf, and
> include the crs-setup.conf file in your webserver configuration before
> including the CRS rules. See the INSTALL file in the CRS directory for
> detailed instructions
>
> Best,
>
> Christian
>
> On Sat, Apr 05, 2025 at 04:02:09PM -0400, Monah Baki wrote:
> > Hello all,
> >
> > I am running Freebsd 14.2 and  I upgraded my owasp to v4.13.0. However I
> am
> > seeing in my http error logs the following
> >
> > [Sat Apr 05 11:24:27.646852 2025] [security2:error] [pid 96152] [client
> > 23.95.132.51:56151] ModSecurity: Access denied with code 500 (phase 1).
> > Operator EQ matched 0 at TX. [file
> >
> "/usr/local/etc/modsecurity/owasp-modsecurity-crs/rules/REQUEST-901-INITIALIZATION.conf"]
> > [line "64"] [id "901001"] [msg "CRS is deployed without configuration!
> > Please copy the crs-setup.conf.example template to crs-setup.conf, and
> > include the crs-setup.conf file in your webserver configuration before
> > including the CRS rules. See the INSTALL file in the CRS directory for
> > detailed instructions"] [severity "CRITICAL"] [ver "OWASP_CRS/4.13.0"]
> [tag
> > "OWASP_CRS"]
> >
> >
> > ls /usr/local/etc/modsecurity/owasp-modsecurity-crs
> > crs-setup.conf
> >
> > cat /usr/local/etc/apache24/modules.d/280_mod_security.conf
> > IncludeOptional
> > /usr/local/etc/modsecurity/owasp-modsecurity-crs/crs-setup.conf
> > IncludeOptional
> > /usr/local/etc/modsecurity/owasp-modsecurity-crs/plugins/*-config.conf
> > IncludeOptional
> > /usr/local/etc/modsecurity/owasp-modsecurity-crs/plugins/*-before.conf
> > Include /usr/local/etc/modsecurity/owasp-modsecurity-crs/rules/*.conf
> > IncludeOptional
> > /usr/local/etc/modsecurity/owasp-modsecurity-crs/plugins/*-after.conf
> >
> >
> > Thanks
> > Monah
>
>
> > _______________________________________________
> > mod-security-users mailing list
> > mod...@li...
> > https://lists.sourceforge.net/lists/listinfo/mod-security-users
> > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
> > http://www.modsecurity.org/projects/commercial/rules/
> > http://www.modsecurity.org/projects/commercial/support/
>
>
>
> _______________________________________________
> mod-security-users mailing list
> mod...@li...
> https://lists.sourceforge.net/lists/listinfo/mod-security-users
> Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
> http://www.modsecurity.org/projects/commercial/rules/
> http://www.modsecurity.org/projects/commercial/support/
>