Re: [mod-security-users] Upgrade to owasp-coreruleset 4.13.0

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Hi Ervin,

Here is he output
root@waf:/usr/local/etc/apache24 #  grep -A12 900990
/usr/local/etc/modsecurity/owasp-modsecurity-crs/crs-setup.conf
    "id:900990,\
    phase:1,\
    pass,\
    t:none,\
    nolog,\
    tag:'OWASP_CRS',\
    ver:'OWASP_CRS/4.13.0',\
    setvar:tx.crs_setup_version=4130"

As far as my apache using
/usr/local/etc/apache24/modules.d/280_mod_security.conf, I am sure because
if I were to comment
LoadModule unique_id_module libexec/apache24/mod_unique_id.so
LoadModule security2_module /usr/local/modsecurity/lib/mod_security2.so

I get

root@waf:/home/mbaki # apachectl restart
Performing sanity check on apache24 configuration:
AH00526: Syntax error on line 97 of
/usr/local/etc/modsecurity/owasp-modsecurity-crs/crs-setup.conf:
Invalid command 'SecDefaultAction', perhaps misspelled or defined by a
module not included in the server configuration

Thanks
Monah

On Sun, Apr 6, 2025 at 4:54 AM Ervin Hegedüs <ai...@gm...> wrote:

> Hi Monan,
>
>
> On Sat, Apr 05, 2025 at 04:02:09PM -0400, Monah Baki wrote:
> >
> > ls /usr/local/etc/modsecurity/owasp-modsecurity-crs
> > crs-setup.conf
>
> as Christian wrote this is very strange.
>
> Anyway,
>
> are you sure your engine use this file?
>
> > cat /usr/local/etc/apache24/modules.d/280_mod_security.conf
>
> could you replace this line:
>
> > IncludeOptional
> /usr/local/etc/modsecurity/owasp-modsecurity-crs/crs-setup.conf
>
> by this one:
>
> Include /usr/local/etc/modsecurity/owasp-modsecurity-crs/crs-setup.conf
>
> so just remote the "Optional" string.
>
> And could you show us the output of this command?
>
> grep -A12 900990
> /usr/local/etc/modsecurity/owasp-modsecurity-crs/crs-setup.conf
>
>
> Thanks,
>
>
> a.
>
>
>
> _______________________________________________
> mod-security-users mailing list
> mod...@li...
> https://lists.sourceforge.net/lists/listinfo/mod-security-users
> Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
> http://www.modsecurity.org/projects/commercial/rules/
> http://www.modsecurity.org/projects/commercial/support/
>