Hey Phillppe, Sorry for the trouble you've been having. You've stumbled across a known bug. This is due to a bug in a few older Apache versions (as described here https://github.com/SpiderLabs/owasp-modsecurity-crs/blob/v3.0/master/KNOWN_BUGS#L18). There are two different approaches to fixing it. Either upgrade Apache, or you can go to the location specified in the error (line 36 of DATA-LEAKAGES) and add a space before the line continuation ( '\' ). Thank you for reaching out to us, let me know if this solves the issue!
On Fri, Jul 28, 2017 at 12:30 AM, Philippe Naudin <nau...@supagro.inra.fr> wrote: > Hello, > > I have a problem with the installation of CRS and I am not able to > understand it. > On a Debian Jessie, with libapache2-mod-security2-2.9.1-2~bpo8+1 and > owasp-modsecurity-crs from github.com/SpiderLabs, apache2 -t gives the > following error : > > AH00526: Syntax error on line 40 > of /etc/modsecurity/crs/REQUEST-941-APPLICATION-ATTACK-XSS.conf Error > parsing actions: Unknown action: \\ > > After commenting out rule 941100, there is another error : > > AH00526: Syntax error on line 36 > of /etc/modsecurity/crs/RESPONSE-950-DATA-LEAKAGES.conf Error parsing > actions: Unknown action: \\ > > Once rules 941100 and 950130 have been commented, apache can read its > configuration and work correctly (also tested in paranoia levels 2 > and 3). > > Using debian's package modsecurity-crs-3.0.0-3~bpo8+1, there is no > problem at all. > > Do you know some test or log or whatever that can help me to find the > origin of this problem ? > > Thanks, > > -- > Philippe Naudin > _______________________________________________ > Owasp-modsecurity-core-rule-set mailing list > Owasp-modsecurity-core-rule-set@lists.owasp.org > https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set > -- -- Chaim Sanders http://www.ChaimSanders.com
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
