search

owasp-modsecurity / ModSecurity-nginx

ModSecurity v3 Nginx Connector
Apache License 2.0
1.49k stars 277 forks source link

Error While Reloading Configuration File After Updating Rules. #235

Closed manishnss closed 3 years ago

manishnss commented 3 years ago

Hello All,

I am trying to write a rule but getting an error while building the docker container. CRS version : 3.0.2 WebServer: Nginx

Following Rule is not working
SecDefaultAction phase:2,log,deny,status:404
SecRule ARGS "@rx K1" id:2000
SecRule ARGS "@rx K2" id:2001
Following rule is working as expected. 
SecRule ARGS:name "@contains <svg>" "id:90001,deny,log,status:403"
Error:
modesec_waf | nginx: [emerg] "modsecurity_rules_file" directive Rules error. File: /etc/nginx/modsec/main.conf. Line: 16. Column: 84. Expecting an action, got:  @rx modsectest" id:2000 in /etc/nginx/conf.d/default.conf:18
modesec_waf | SecRuleARGSmodesec_waf exited with code 1

Can anyone please help me to resolve the error?

Thanks, Manish

martinhsv commented 3 years ago

Hi @manishnss ,

Try putting quotation marks around your actions. E.g.

SecDefaultAction "phase:2,log,deny,status:404" SecRule ARGS "@rx K1" "id:2000" SecRule ARGS "@rx K2" "id:2001"

manishnss commented 3 years ago

Hi @martinhsv ,

Thank you for your help. It worked. I tried it this way as well but it didn't work earlier but this time worked not sure what was causing the error.