ModSecurity: No action id present within the rule
Question
[root@vmn-ssd-42 ~]# httpd -t
Syntax error on line 17 of /etc/httpd/conf.d/mod_security.conf:
ModSecurity: No action id present within the rule
SecRuleEngine On
SecRequestBodyAccess On
SecRule REQUEST_HEADERS:Content-Type "text/xml" \
"id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML"
SecRule REQUEST_HEADERS:Content-Type "multipart/form-data" \
"chain,phase:2,t:none,t:lowercase,deny,msg:'ModSecurity DoS attempt - NULL part header name'"
1 answers
solution1
2 2018-02-13 18:48:38
Since ModSecurity 2.7 the id attribute is mandatory . Your second rule does not contain an id.
Change it from this:
SecRule REQUEST_HEADERS:Content-Type "multipart/form-data" \
"chain,phase:2,t:none,t:lowercase,deny,msg:'ModSecurity DoS attempt - NULL part header name'"
To this (assuming rule id 200001 is not used elsewhere):
SecRule REQUEST_HEADERS:Content-Type "multipart/form-data" \
"id:'200001', chain,phase:2,t:none,t:lowercase,deny,msg:'ModSecurity DoS attempt - NULL part header name'"
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Disaabe rule by ID in modsecurity on apache
Apache ModSecurity: another rule with the same id error
ModSecurity CSRF rule alert
ModSecurity rule 214940 warning
How to include same modsecurity rules in multiple virtual hosts without changing the id for each rule and each host?
Updating an arugement of a ModSecurity Core Rule
modsecurity 2 — disable logging for specific rule ids?
How can I modify a pattern in Modsecurity Core Rule Set
Could not block IP address of brute force attack using modsecurity & core rule set
ModSecurity rule giving SQL Injection false positives, generating 500 Internal Server Error, even when using PHP PDO prepared statements
Related Tags