Hello, I have a problem with the installation of CRS and I am not able to understand it. On a Debian Jessie, with libapache2-mod-security2-2.9.1-2~bpo8+1 and owasp-modsecurity-crs from github.com/SpiderLabs, apache2 -t gives the following error :
AH00526: Syntax error on line 40 of /etc/modsecurity/crs/REQUEST-941-APPLICATION-ATTACK-XSS.conf Error parsing actions: Unknown action: \\ After commenting out rule 941100, there is another error : AH00526: Syntax error on line 36 of /etc/modsecurity/crs/RESPONSE-950-DATA-LEAKAGES.conf Error parsing actions: Unknown action: \\ Once rules 941100 and 950130 have been commented, apache can read its configuration and work correctly (also tested in paranoia levels 2 and 3). Using debian's package modsecurity-crs-3.0.0-3~bpo8+1, there is no problem at all. Do you know some test or log or whatever that can help me to find the origin of this problem ? Thanks, -- Philippe Naudin _______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
