Syntax error on line 52 of /etc/modsecurity/activated_rules/modsecurity_crs_20_protocol_violations.conf: SOLVED

During the configuration of owasp modsecurity core rule set (CRS) the following error appeared

Syntax error on line 52 of /etc/modsecurity/activated_rules/modsecurity_crs_20_protocol_violations.conf:

The main reasons are the previously installed version of libapache2-modsecurity and OWASP CRS.

dpkg -s libapache2-modsecurity | grep Version
Version: 2.6.6-6+deb7u1


libapache2-modsecurity version 2.6.6-6 doesn’t work correctly with owasp csr 2.2.8-1

The earlier version of owasp core rule set is needed.

and here it is a basic configuration of apache modsecurity

aptitude install libapache2-modsecurity

cp /etc/modsecurity/modsecurity.conf-recommended /etc/apache2/conf.d/modsecurity.conf

vim /etc/apache2/conf.d/modsecurity.conf

customize settings

SecRuleEngine DetectionOnly

SecRequestBodyAccess On

SecDebugLog /var/log/apache2/modsecurity-debug.log

SecDebugLogLevel 3

a2enmod mod-security
a2enmod headers
apachectl configtest
/etc/init.d/apache2 reload

Now configure owasp mod-security

tar xvf v2.2.5
cp -r SpiderLabs-owasp-modsecurity-crs-5c28b52/* /etc/modsecurity/
mv /etc/modsecurity/modsecurity_crs_10_setup.conf.example /etc/modsecurity/modsecurity_crs_10_setup.conf
cd /etc/modsecurity/base_rules/
for f in * ; do ln -s /etc/modsecurity/base_rules/$f /etc/modsecurity/activated_rules/$f;done
cd /etc/modsecurity/optional_rules/
for f in * ; do ln -s /etc/modsecurity/optional_rules/$f /etc/modsecurity/activated_rules/$f; done
vim /etc/apache2/mods-available/mod-security.conf
add owasp config files
Include "/etc/modsecurity/activated_rules/*.conf"

apachectl configtest
/etc/init.d/apache2 reload

permalinks /%postname%/ error 404 not found in wordpress

During the hosting migration a wordpress cms, there was a problem with permalinks and postnames, when you try to access a random categories the error 404 not found appears.

To solve the problem make sure your virtualhost looks like that.

Options +FollowSymlinks
AllowOverride All
Order allow,deny
Allow from all

In the wordpress cms, navigate to Tools->Permalinks->Custom Structur ( /%postname%/ )

This is output generated from wordpress cms .htaccess file

BEGIN WordPress

RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

# END WordPress

mod_evasive prevent DOS attacks on apache webserver

aptitude search mod-evasive
p libapache2-mod-evasive – evasive module to minimize HTTP DoS or brute force attacks

aptitude install libapache2-mod-evasive

mkdir -p /var/log/apache2/evasive

chown -R www-data:root /var/log/apache2/evasive/

vim /etc/apache2/mods-available/mod-evasive.load

LoadModule evasive20_module /usr/lib/apache2/modules/

DOSHashTableSize 3097
DOSPageCount 5
DOSSiteCount 100
DOSPageInterval 2
DOSSiteInterval 2
DOSBlockingPeriod 600
DOSLogDir “/var/log/apache2/evasive”
DOSEmailNotify [email protected]

apachectl configtest
Syntax OK

apachectl restart

No such file or directory: Failed to enable the ‘httpready’ Accept Filter

зареждаме драйвера

kldload accf_http

BSD# /usr/local/etc/rc.d/apache22 restart
Performing sanity check on apache22 configuration:
Syntax OK
Stopping apache22.
Waiting for PIDS: 55392.
Performing sanity check on apache22 configuration:
Syntax OK
Starting apache22.

добавяме го да се изпълнява при стартирането на системата

BSD# echo ‘accf_http_load=”YES”‘ >> /boot/loader.conf