Re: [mod-security-users] Upgrade to owasp-coreruleset 4.13.0
From: Christian F. <chr...@ne...> - 2025-04-05 23:15:43
Hey Monah,

This is very strange. Filename, location and permissions look ok.

Can you show us rule 900990 from crs-setup.conf, where tx.crs_setup_version
is being set?

Best,

Christian

On Sat, Apr 05, 2025 at 04:39:30PM -0400, Monah Baki wrote:
> Hi Christian,
>
> ls -la /usr/local/etc/modsecurity/owasp-modsecurity-crs/crs-setup.conf
> -rw-r--r-- 1 mbaki mbaki 35639 Mar 31 11:18
> /usr/local/etc/modsecurity/owasp-modsecurity-crs/crs-setup.conf
>
>
> Also
>
> mbaki@waf:~ $ ls -la /usr/local/etc/modsecurity/owasp-modsecurity-crs/
> total 320
> drwxr-xr-x 9 mbaki mbaki 1024 Apr 5 10:47 .
> drwxr-xr-x 4 root wheel 512 Apr 5 10:57 ..
> -rw-r--r-- 1 mbaki mbaki 518 Mar 31 11:18 .editorconfig
> drwxr-xr-x 5 mbaki mbaki 512 Mar 31 11:18 .github
> -rw-r--r-- 1 mbaki mbaki 661 Mar 31 11:18 .gitignore
> -rw-r--r-- 1 mbaki mbaki 0 Mar 31 11:18 .gitmodules
> -rw-r--r-- 1 mbaki mbaki 315 Mar 31 11:18 .linelint.yml
> -rw-r--r-- 1 mbaki mbaki 432 Mar 31 11:18 .pre-commit-config.yaml
> -rw-r--r-- 1 mbaki mbaki 751 Mar 31 11:18 .yamllint.yml
> -rw-r--r-- 1 mbaki mbaki 144155 Mar 31 11:18 CHANGES.md
> -rw-r--r-- 1 mbaki mbaki 28523 Mar 31 11:18 CONTRIBUTING.md
> -rw-r--r-- 1 mbaki mbaki 6564 Mar 31 11:18 CONTRIBUTORS.md
> -rw-r--r-- 1 mbaki mbaki 11489 Mar 31 11:18 INSTALL.md
> -rw-r--r-- 1 mbaki mbaki 2783 Mar 31 11:18 KNOWN_BUGS.md
> -rw-r--r-- 1 mbaki mbaki 11347 Mar 31 11:18 LICENSE
> -rw-r--r-- 1 mbaki mbaki 2871 Mar 31 11:18 README.md
> -rw-r--r-- 1 mbaki mbaki 4543 Mar 31 11:18 SECURITY.md
> -rw-r--r-- 1 mbaki mbaki 89 Mar 31 11:18 SPONSORS.md
> -rw-r--r-- 1 mbaki mbaki 35639 Mar 31 11:18 crs-setup.conf
> drwxr-xr-x 2 mbaki mbaki 512 Mar 31 11:18 docs
> drwxr-xr-x 2 mbaki mbaki 512 Mar 31 11:18 plugins
> drwxr-xr-x 4 mbaki mbaki 2560 Mar 31 11:18 regex-assembly
> -rw-r--r-- 1 mbaki mbaki 222 Mar 31 11:18 renovate.json
> drwxr-xr-x 2 mbaki mbaki 2048 Apr 5 09:55 rules
> drwxr-xr-x 5 mbaki mbaki 512 Mar 31 11:18 tests
> drwxr-xr-x 5 mbaki mbaki 512 Mar 31 11:18 util
>
>
> Thanks
> Monah
>
> On Sat, Apr 5, 2025 at 4:26 PM Christian Folini <chr...@ne...> wrote:
>
> > Hey Monah,
> >
> > Are you sure the file
> >
> > /usr/local/etc/modsecurity/owasp-modsecurity-crs/crs-setup.conf
> >
> > exists?
> >
> > The error message clearly says it can't be read:
> >
> > CRS is deployed without configuration!
> > Please copy the crs-setup.conf.example template to crs-setup.conf, and
> > include the crs-setup.conf file in your webserver configuration before
> > including the CRS rules. See the INSTALL file in the CRS directory for
> > detailed instructions
> >
> > Best,
> >
> > Christian
> >
> > On Sat, Apr 05, 2025 at 04:02:09PM -0400, Monah Baki wrote:
> > > Hello all,
> > >
> > > I am running FreeBSD 14.2 and I upgraded my owasp to v4.13.0. However I am
> > > seeing in my http error logs the following
> > >
> > > [Sat Apr 05 11:24:27.646852 2025] [security2:error] [pid 96152] [client
> > > 23.95.132.51:56151] ModSecurity: Access denied with code 500 (phase 1).
> > > Operator EQ matched 0 at TX. [file
> > > "/usr/local/etc/modsecurity/owasp-modsecurity-crs/rules/REQUEST-901-INITIALIZATION.conf"]
> > > [line "64"] [id "901001"] [msg "CRS is deployed without configuration!
> > > Please copy the crs-setup.conf.example template to crs-setup.conf, and
> > > include the crs-setup.conf file in your webserver configuration before
> > > including the CRS rules. See the INSTALL file in the CRS directory for
> > > detailed instructions"] [severity "CRITICAL"] [ver "OWASP_CRS/4.13.0"] [tag
> > > "OWASP_CRS"]
> > >
> > >
> > > ls /usr/local/etc/modsecurity/owasp-modsecurity-crs
> > > crs-setup.conf
> > >
> > > cat /usr/local/etc/apache24/modules.d/280_mod_security.conf
> > > IncludeOptional
> > > /usr/local/etc/modsecurity/owasp-modsecurity-crs/crs-setup.conf
> > > IncludeOptional
> > > /usr/local/etc/modsecurity/owasp-modsecurity-crs/plugins/*-config.conf
> > > IncludeOptional
> > > /usr/local/etc/modsecurity/owasp-modsecurity-crs/plugins/*-before.conf
> > > Include /usr/local/etc/modsecurity/owasp-modsecurity-crs/rules/*.conf
> > > IncludeOptional
> > > /usr/local/etc/modsecurity/owasp-modsecurity-crs/plugins/*-after.conf
> > >
> > >
> > > Thanks
> > > Monah
> > >
> > > _______________________________________________
> > > mod-security-users mailing list
> > > mod...@li...
> > > https://lists.sourceforge.net/lists/listinfo/mod-security-users
> > > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
> > > http://www.modsecurity.org/projects/commercial/rules/
> > > http://www.modsecurity.org/projects/commercial/support/
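
Added example, not part of the thread: a shell check for the condition Christian asks about, namely whether crs-setup.conf contains an uncommented SecAction 900990 that sets tx.crs_setup_version (rule 901001 fires when that variable is unset). The function names, the sample config and the value 4130 are constructed for illustration.

```sh
#!/bin/sh
# Added example: report how rule 900990 appears in a crs-setup.conf.
# Prints one of: active | commented | missing | unreadable
check_crs_setup() {
    conf=$1
    [ -r "$conf" ] || { echo unreadable; return 0; }
    awk '
        function classify(l) {
            l = tolower(l)
            if (l !~ /id:900990/) return
            # A leading "#" on the first line comments out the whole directive.
            if (l ~ /^[ \t]*#/) { commented = 1; return }
            # Active only if it is a SecAction that really sets the variable.
            if (l ~ /^[ \t]*secaction/ && l ~ /setvar:.?tx\.crs_setup_version=/) { active = 1 }
        }
        {
            sub(/\r$/, "")
            # Join backslash-continued lines into one logical directive.
            if ($0 ~ /\\$/) { sub(/\\$/, ""); buf = buf $0; next }
            classify(buf $0); buf = ""
        }
        END {
            if (buf != "") classify(buf)
            if (active) print "active"
            else if (commented) print "commented"
            else print "missing"
        }
    ' "$conf"
}

# Constructed sample (not from the thread): the 900990 block left commented out.
demo() {
    tmp=$(mktemp)
    cat > "$tmp" <<'EOF'
#SecAction \
#    "id:900990,\
#    phase:1,pass,t:none,nolog,\
#    setvar:tx.crs_setup_version=4130"
EOF
    check_crs_setup "$tmp"; rm -f "$tmp"
}

# Usage: sh check_crs_setup.sh /path/to/crs-setup.conf
[ $# -eq 0 ] || check_crs_setup "$1"
```

A result of commented or missing matches the 901001 message in the log above; if it prints active, the setup file itself is fine and whether it is included before the CRS rules is the next thing to check.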