[ubuntu-hardened] Questions about Update Apache for Modsecurity
lannoun at runbox.com
lannoun at runbox.com
Sat May 13 13:35:57 UTC 2017
Hi,
Sorry for this dumb question. I'm installing apache2 + modsecurity.
I'm using Ubuntu 16.10 with Apache
apache2 -v
Server version: Apache/2.4.18 (Ubuntu)
Server built: 2017-05-05T16:32:00
I have installed modsecurity and started to load rules, but I got this
syntax error related to files .data and .conf on activated rules.
For example:
apache2[1408]: apache2: Syntax error on line 152 of
/etc/apache2/apache2.conf: Syntax error on line 12 of
/etc/apache2/mods-enabled/security2.conf: Syntax error on line 301 of
/usr/share/modsecurity-crs/activated_rules/modsecurity_40_generic_attacks.data:
/usr/share/modsecurity-crs/activated_rules/modsecurity_40_generic_attacks.data:338:
<input> was not
closed.\n/usr/share/modsecurity-crs/activated_rules/modsecurity_40_generic_attacks.data:301:
<![cdata[> was not closed.
I have not loaded rules form external source (at the moment) but only
from official Ubuntu's repositories.
Doing some research the problem seem related to old Apache version.
So basically AFAIK I have just to find a way to get an update Apache.
Is correct and safe if I install the version provided by Ubuntu zesty
that is the most up to date?
https://packages.ubuntu.com/search?suite=zesty&arch=any&searchon=names&keywords=apache2
by adding repo and using apt-get install -t zesty apache2
Any other suggestion for getting modsecurity to work with rules?
Thanks a lot.
Liam
More information about the ubuntu-hardened
mailing list