Description of problem: While testing Bug 6678 it was discovered that the base rule set contained in apache-mod_security-2.6.3-3.2 contains syntax errors From the syslog httpd[13168]: Syntax error on line 47 of /etc/httpd/conf/modsecurity/base_rules/modsecurity_crs_21_protocol_anomalies.conf: httpd[13168]: ModSecurity: SkipAfter actions can only be specified by chain starter rules. On correcting that error by downloading a current version of modsecurity_crs_21_protocol_anomalies.conf the syslog then shows more errors. As each error is corrected by downloading the appropriate updated file a new one is revealed. Syntax error on line 19 of /etc/httpd/conf/modsecurity/base_rules/modsecurity_crs_35_bad_robots.conf: Error creating rule: Could not open phrase file "/etc/httpd/conf/modsecurity/base_rules/modsecurity_35_bad_robots.data": No such file or directory Syntax error on line 174 of /etc/httpd/conf/modsecurity/base_rules/modsecurity_crs_40_generic_attacks.conf: Error creating rule: Could not open phrase file "/etc/httpd/conf/modsecurity/base_rules/modsecurity_40_generic_attacks.data": No such file or directory Error creating rule: Could not open phrase file "/etc/httpd/conf/modsecurity/base_rules/modsecurity_41_sql_injection_attacks.data": No such file or directory Error creating rule: Could not open phrase file "/etc/httpd/conf/modsecurity/base_rules/modsecurity_50_outbound_malware.data": No such file or directory Syntax error on line 22 of /etc/httpd/conf/modsecurity/base_rules/modsecurity_crs_60_correlation.conf: All these errors can be fixed by updating /etc/httpd/conf/modsecurity/base_rules to version 2.2.5 http://sourceforge.net/projects/mod-security/files/modsecurity-crs/0-CURRENT/ How reproducible: Every time Steps to Reproduce: 1. install apache-mod_security-2.6.3-3.2 2. Enable the base rule set by uncommenting the lines Include conf/modsecurity/*.conf Include conf/modsecurity/base_rules/*.conf in /etc/httpd/modules.d/82_mod_security.conf 3. restart apache and view the syslog
The Optional Rule set also contains errors which can also be fixed by using the set in modsecurity-crs-2.2.5
CC: (none) => alien
Assignee: bugsquad => dlucio
This message is a reminder that Mageia 2 is nearing its end of life. Approximately one month from now Mageia will stop maintaining and issuing updates for Mageia 2. At that time this bug will be closed as WONTFIX (EOL) if it remains open with a Mageia 'version' of '2'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Mageia version prior to Mageia 2's end of life. Bug Reporter: Thank you for reporting this issue and we are sorry that we may not be able to fix it before Mageia 2 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Mageia, you are encouraged to click on "Version" and change it against that version of Mageia. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Mageia release includes newer upstream software that fixes bugs or makes them obsolete. -- The Mageia Bugsquad
Mageia 2 changed to end-of-life (EOL) status on ''22 November''. Mageia 2 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Mageia please feel free to click on "Version" change it against that version of Mageia and reopen this bug. Thank you for reporting this bug and we are sorry it could not be fixed. -- The Mageia Bugsquad
Status: NEW => RESOLVEDResolution: (none) => OLD