Modsecurity: Custom rules in 2.9.0 not working with 3.0.0

Created on 13 Jun 2018  路  4Comments  路  Source: SpiderLabs/ModSecurity

The custom rules that I used earlier with 2.9 version of modsecurity does not work with new compilation(modsecurity v3.0 and connector). The error that I receive while restarting nginx is:

SecRuleUpdateActionById is not yet supported in /usr/local/nginx/conf/nginx.conf:49

Is there anything that I should change for this error to be fixed? My custom rule is as follows: SecRuleUpdateActionById 200004 "allow"
How can I add this rule in version 3.0.0?

3.x

Most helpful comment

Hi @tsyj,

Trying to have it implemented for v3.0.3. Placed the milestone label.

All 4 comments

Is there a plan to support the SecRuleUpdateActionById directive in the near future? @zimmerle

Hi @tsyj,

Trying to have it implemented for v3.0.3. Placed the milestone label.

Can anyone recommend a workaround until SecRuleUpdateActionById support is added, aside from editing the rule directly?

fixed in current v3/master.

Was this page helpful?
0 / 5 - 0 ratings