[mod-security-users] modsec working but failing with core rules
Brought to you by:
victorhora,
zimmerletw
From: Edward P. <edw...@ne...> - 2007-01-23 09:38:27
|
Hi, I have modsecurity installed and loaded - I ran a test attack through and it got caught by mod security and a note added to the audit log. However, when I try and add core rules I get the following error: Syntax error on line 53 of /etc/httpd/conf/modsecurity_crs_10_config.conf: Invalid command 'SecRuleEngine', perhaps misspelled or defined by a module not included in the server configuration I'm adding these rules to an already working configuration (using Include... lines in my modsec.conf) which is why I'm not sure where to start debugging. I'm running Apache/1.3.37 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635.SR1.2 mod_ssl/2.8.28 OpenSSL/0.9.7a, It's a distro install on Red Hat Enterprise Linux ES release 4 (Nahant Update 4). Thanks, Edward The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorised. If you are not the intended recipient, any action taken or omitted to be taken in reliance on it, any form of reproduction, dissemination, copying, disclosure, modification, distribution and/or publication of this E-mail message is strictly prohibited and may be unlawful. If you have received this E-mail message in error, please notify us immediately. Please also destroy and delete the message from your computer. |