ModSecurity Rules update, many errors as a result.

jols

Well-Known Member
Mar 13, 2004
1,110
3
168
I just now updated to mod_security 2.7, and then when I tried to upgrade the rule-set some of the rules, most notably the main rule set: 10_asl_rules.conf produced so many errors that I had to disable it. The two errors that I am seeing the most include:

"Can only be specified by chain starter rules."
"Disruptive actions can only be specified by chain starter rules."

I upgraded so that the server would be more secure, but now I can not use the main set of modsec rules, so what can I do to get 10_asl_rules.conf going again?
 

jols

Well-Known Member
Mar 13, 2004
1,110
3
168
Yes. I updated the rules and still have many errors. I've made out a support ticket to cpanel.net about this, still no response.
 

quizknows

Well-Known Member
Oct 20, 2009
1,008
87
78
cPanel Access Level
DataCenter Provider
10_asl_rules.conf is part of the atomicorp rules.

It is possible your file is corrupted, or you have the 2.5.x ruleset with a 2.7.x install of modsec. If you are hosted at a managed service provider their staff should be able to fix this for you. That rule set is not provided by or managed by cPanel.

Try replacing the applicable files with the updated ones:

http://updates.atomicorp.com/channels/rules/delayed/modsec-2.7-free-latest.tar.gz