Quote:
Originally Posted by berndbausch
Why don't you look inside? They are simple text files. If I remember well, one is for configuring Apache to use mod_security. The other is for configuring mod_security itself. Which is which? I suggest you figure it out.
|
Thank you.
I did, but I'm not familiar with it and don't know which one is for configuring Apache to use mod_security and which one is for configuring mod_security itself.
The content of the first file is :
Code:
$ cat /etc/httpd/conf.modules.d/10-mod_security.conf
LoadModule security2_module modules/mod_security2.so
<IfModule !mod_unique_id.c>
LoadModule unique_id_module modules/mod_unique_id.so
</IfModule>
And the content of the second file is :
https://paste.ubuntu.com/p/Rtz6jRrwzT/
I added below lines to "/etc/httpd/conf.d/mod_security.conf" file and restarted my Apache:
Code:
IncludeOptional modsecurity.d/owasp-modsecurity-crs/*.conf
IncludeOptional modsecurity.d/owasp-modsecurity-crs/rules/*.conf
But I got below error:
Code:
httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Drop-In: /usr/lib/systemd/system/httpd.service.d
└─php-fpm.conf
Active: failed (Result: exit-code) since Wed 2021-03-03 10:23:52 +0330; 13s ago
Docs: man:httpd.service(8)
Process: 4023589 ExecReload=/usr/sbin/httpd $OPTIONS -k graceful (code=exited, status=0/SUCCESS)
Process: 4167747 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
Main PID: 4167747 (code=exited, status=1/FAILURE)
Status: "Reading configuration..."
Mar 03 10:23:51 extra systemd[1]: Starting The Apache HTTP Server...
Mar 03 10:23:52 extra httpd[4167747]: [Wed Mar 03 10:23:52.263542 2021] [so:warn] [pid 4167747:tid 134683729852736>
Mar 03 10:23:52 extra httpd[4167747]: AH00526: Syntax error on line 829 of /etc/httpd/modsecurity.d/owasp-modsecur>
Mar 03 10:23:52 extra httpd[4167747]: ModSecurity: Found another rule with the same id
Mar 03 10:23:52 extra systemd[1]: httpd.service: Main process exited, code=exited, status=1/FAILURE
Mar 03 10:23:52 extra systemd[1]: httpd.service: Failed with result 'exit-code'.
Mar 03 10:23:52 extra systemd[1]: Failed to start The Apache HTTP Server.
And line 829 of that file is:
Code:
SecAction \
"id:900990,\
phase:1,\
nolog,\
pass,\
t:none,\
setvar:tx.crs_setup_version=330" ==> Line 829
I never modified that file!!!