Invalid input: SecRequestBodyJsonDepthLimit 512 in /etc/nginx/nginx.conf:43

[bsbudhwar]

[emerg] 1189764#1189764: "modsecurity_rules_file" directive Rules error. File: /etc/nginx/modsec/modsecurity.conf. Line: 58. Column: 34. Invalid input: SecRequestBodyJsonDepthLimit 512 in /etc/nginx/nginx.conf:43

[martinhsv]

Hello @bsbudhwar ,

You didn't mention what version of ModSecurity you are using, but that configuration item is a newer one.

The error message that you have shared here would be expected if you are using a ModSecurity v3 version earlier than v3.0.6.

[bsbudhwar]

Hello @martinhsv,

I compiled libmodsecueity v3 (3.08) version and still giving the same error .

[martinhsv]

Then I don't know any scenario where what you have reported is possible. Also, given that this is not particularly new, and the item is in modsecurity.conf-recommended, it seems less likely that there is an actual bug here (I mean it would be surprising if there is an actual bug and no one else has encountered it after all this time).

Some things you could try:

• you say you have built 3.0.8 -- if that is from current v3/master rather than the official v3.0.8 release from September, you could try the latter to see if you get the same effect
• is there any possibility that, while you believe you are running v3.0.8, you are actually running something older? One way to check this is to temporarily comment-out the configuration item that is giving you a problem and then check what version ModSecurity actually reports itself. One way to do this is with something like:

  SecAction "phase:2,id:1001,pass,log,msg:%{MODSEC_BUILD}"

If you're confident that everything is in order, you would probably need to share a complete and detailed set of steps that you used to build.

[martinhsv]

Closing, due to no further feedback.