Closed Ziris85 closed 4 years ago
As you can see in the connector version, this is a beta software. Nobody recommends to use it, please don't do that.
If you want to test it, please read the README of connector. There you can find the relevant keywords what you can use for module.
An example:
<IfModule security3_module>
modsecurity on
modsecurity_rules_file /path/to/your/httpd/config/modsecurity_includes.conf
</IfModule>
and put the lines from your module config into modsecurity_includes.conf
:
Include conf.d/owasp-modsecurity-crs-3.2.0/crs-setup.conf
Include conf.d/owasp-modsecurity-crs-3.2.0/rules/*.conf
But again: don't use this connector unless you want to play with it/test it. Several important code misses, the library handling is unfinished, and so on...
Please note, that this isn't a CRS related issue, so I'm going to close it.
Describe the bug
Forgive me if this is either a question that's already been asked, or has an obvious answer, but I've not been able to find one if so. It doesn't appear that any of these rules are compatible with ModSecurity 3.x:
Steps to reproduce
I just compiled and installed libmodsecurity v3.0.4, then did the same for the ModSecurity-Apache connector (v0.1.1-beta). I then downloaded and loaded up these rules, with this in my config file:
Expected behaviour
Configs are loaded without error
Actual behaviour
None of the configurations work. Going through and commenting out the lines that it complains about gives me nothing but commented files and no actual rules.
Your Environment