Results 1 to 4 of 4

Thread: modsecurity nginx_apache wont start

  1. #1
    Join Date
    Sep 2006
    Posts
    6

    modsecurity nginx_apache wont start

    Dear,

    I am trying to install modsecurity since we are having issues with try's for sql injections lately, and i found out that modsecurity is the tool to prevent this.
    But after the installation nginx wont start:

    nginx: [emerg] "modsecurity_rules_file" directive Rules error. File: /usr/local/cwaf/rules/02_Global_Generic.conf. Line: 83. Column: 98. Expecting an action, got: ctl:responseBodyAccess=On,rev:1,severity:2,tag:'CWAF',tag:'Generic'" in /etc/nginx/nginx-modsecurity-enable.conf:2

    I have also tried with only apache with no succes either (dont have the error for that one, since i prefer nginx_apache)

    What i have done:
    options.conf
    modsecurity=3.0 (also tried with "yes")
    modsecurity_ruleset=comodo

    ./build update
    ./build modsecurity
    ./build modsecurity_ruleset

    After getting errors i also tried:

    ./build rewrite_confs

    But still no success. Then i tried on our test server a full rebuild
    ./build all d

    Same error.

    Some details:
    ./build version
    2.0.0 (rev: 1972)

    Debian Stretch 9 - Debian 4.9.130-2
    With owasp as ruleset its working, but i heard that comodo is better?


    Is comodo ruleset currently broken for Debian 9 with nginx_apache?

    Thanks in advance,

    Kevin

  2. #2
    Join Date
    Aug 2006
    Location
    LT, EU
    Posts
    7,306
    We use comodo ruleset as-is, without any modifications. I contacted them on this case, and they've told me that they're planning to release a fix next week, however, it's all up to them. I'd suggest using OWASP until they release a bugfix. Thank you!
    Martynas Bendorius
    MB Martynas IT. Professional server management company. Official DirectAdmin, CloudLinux, LiteSpeed and Comodo partners.

  3. #3
    Join Date
    Aug 2006
    Location
    LT, EU
    Posts
    7,306
    Just a FYI: they announced it should work now
    Martynas Bendorius
    MB Martynas IT. Professional server management company. Official DirectAdmin, CloudLinux, LiteSpeed and Comodo partners.

  4. #4
    Join Date
    Dec 2010
    Posts
    61
    Quote Originally Posted by smtalk View Post
    Just a FYI: they announced it should work now
    I guess it doesnt.
    Without knowing this issue, I tried a fresh install with
    webserver=nginx_apache and comodo as modsecurity, however ngnix fails to start with a similar error after install.
    I am trying to switch to owasp as of now. Is it possible that you need to update anything in custombuild packs?
    Regards.
    PS: I did an automated install of directadmin, I may have skipped any warning if exists in standard directadmin install.
    Another PS: I use centos 7, not debian like kevinjasen.
    Last edited by orkinoks; 01-05-2019 at 06:50 AM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •