The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

ModSecurity Rules update, many errors as a result.

Discussion in 'Security' started by jols, Aug 13, 2013.

  1. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    I just now updated to mod_security 2.7, and then when I tried to upgrade the rule-set some of the rules, most notably the main rule set: 10_asl_rules.conf produced so many errors that I had to disable it. The two errors that I am seeing the most include:

    "Can only be specified by chain starter rules."
    "Disruptive actions can only be specified by chain starter rules."

    I upgraded so that the server would be more secure, but now I can not use the main set of modsec rules, so what can I do to get 10_asl_rules.conf going again?
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,448
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
  3. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    Yes. I updated the rules and still have many errors. I've made out a support ticket to cpanel.net about this, still no response.
     
  4. quietFinn

    quietFinn Well-Known Member

    Joined:
    Feb 4, 2006
    Messages:
    998
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    Finland
    cPanel Access Level:
    Root Administrator

    where did you get the rules?
     
  5. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    940
    Likes Received:
    55
    Trophy Points:
    28
    cPanel Access Level:
    DataCenter Provider
    10_asl_rules.conf is part of the atomicorp rules.

    It is possible your file is corrupted, or you have the 2.5.x ruleset with a 2.7.x install of modsec. If you are hosted at a managed service provider their staff should be able to fix this for you. That rule set is not provided by or managed by cPanel.

    Try replacing the applicable files with the updated ones:

    http://updates.atomicorp.com/channels/rules/delayed/modsec-2.7-free-latest.tar.gz
     
Loading...

Share This Page