kevinjansen
Verified User
- Joined
- Sep 9, 2006
- Messages
- 11
Dear,
I am trying to install modsecurity since we are having issues with try's for sql injections lately, and i found out that modsecurity is the tool to prevent this.
But after the installation nginx wont start:
nginx: [emerg] "modsecurity_rules_file" directive Rules error. File: /usr/local/cwaf/rules/02_Global_Generic.conf. Line: 83. Column: 98. Expecting an action, got: ctl:responseBodyAccess=On,rev:1,severity:2,tag:'CWAF',tag:'Generic'" in /etc/nginx/nginx-modsecurity-enable.conf:2
I have also tried with only apache with no succes either (dont have the error for that one, since i prefer nginx_apache)
What i have done:
options.conf
modsecurity=3.0 (also tried with "yes")
modsecurity_ruleset=comodo
./build update
./build modsecurity
./build modsecurity_ruleset
After getting errors i also tried:
./build rewrite_confs
But still no success. Then i tried on our test server a full rebuild
./build all d
Same error.
Some details:
./build version
2.0.0 (rev: 1972)
Debian Stretch 9 - Debian 4.9.130-2
With owasp as ruleset its working, but i heard that comodo is better?
Is comodo ruleset currently broken for Debian 9 with nginx_apache?
Thanks in advance,
Kevin
I am trying to install modsecurity since we are having issues with try's for sql injections lately, and i found out that modsecurity is the tool to prevent this.
But after the installation nginx wont start:
nginx: [emerg] "modsecurity_rules_file" directive Rules error. File: /usr/local/cwaf/rules/02_Global_Generic.conf. Line: 83. Column: 98. Expecting an action, got: ctl:responseBodyAccess=On,rev:1,severity:2,tag:'CWAF',tag:'Generic'" in /etc/nginx/nginx-modsecurity-enable.conf:2
I have also tried with only apache with no succes either (dont have the error for that one, since i prefer nginx_apache)
What i have done:
options.conf
modsecurity=3.0 (also tried with "yes")
modsecurity_ruleset=comodo
./build update
./build modsecurity
./build modsecurity_ruleset
After getting errors i also tried:
./build rewrite_confs
But still no success. Then i tried on our test server a full rebuild
./build all d
Same error.
Some details:
./build version
2.0.0 (rev: 1972)
Debian Stretch 9 - Debian 4.9.130-2
With owasp as ruleset its working, but i heard that comodo is better?
Is comodo ruleset currently broken for Debian 9 with nginx_apache?
Thanks in advance,
Kevin