ModSecurity: Use modsecurity rule chain error!
My modsecurity version is 3.0.2
I add the rule to REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf,the rule is:
SecRule REQUEST_FILENAME "@beginsWith /admin" "chain,phase:1,block,log,id:1008"
SecRule REMOTE_ADDR "!@ipMatch 192.168.1.100"
But I run nginx -t is show some error “nginx: [emerg] “modsecurity_rules_file” directive Rules error. File: /usr/local/openresty/nginx/conf/modsecurity/owasp-modsecurity-crs/rules/REQUEST-901-INITIALIZATION.conf. Line: 1. Column: 75. Expecting an action, got: # ------------------------------------------------------------------------ in /usr/local/openresty/nginx/conf/vhosts/pibc_n22yeguan.conf:6 nginx: configuration file /usr/local/openresty/nginx/conf/nginx.conf test failed” After I delete this rule, the detection is OK!!!
Why??? My syntax is error?
About this issue
- Original URL
- State: closed
- Created 4 years ago
- Reactions: 1
- Comments: 17 (9 by maintainers)
Thank you very much!