wkarl
Reputation: 809
mod-security causes segmentation fault
I was trying to remove a rule (numeric ip in host header) for machines on my local network:
SecRule REMOTE_ADDR "@ipMatch 192.168.178.0/24" \
"id:5,phase:1,t:none,nolog,pass,ctl:ruleRemoveTargetById=981203"
The rule is defined here:
[file "/etc/apache2/crs/owasp-modsecurity-crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "33"]
After setting this rule every request caused a segfault:
[Wed Oct 07 19:37:03.187960 2015] [core:notice] [pid 28950] AH00052: child pid 28983 exit signal Segmentation fault (11)
Upvotes: 0
Views: 826
Answers (1)
Barry Pollard
Reputation: 46040
You have specified:
ctl:ruleRemoveTargetById=981203
But not specified a target. I'm guessing you meant:
ctl:ruleRemoveById=981203
?
Shouldn't cause a segfault ideally of course but it's still wrong.
Upvotes: 4
Related Questions
- Weird behavior of Apache2 ModSecurity2
- "Not Acceptable" error was generated by Mod_Security
- ModSecurity rule 214940 warning
- Mod security rule breaking Apache configtest
- mod_security rule 981172 false positive
- mod_security rule 981203 false positive
- ModSecurity - error parsing actions unknown action \\
- Mod Security SecStatusEngine
- mod_security false positives
- Detailed Apache Error Logs For Mod-Security Configuration error