starred/ngx_waf
1
0
Fork 0
mirror of https://github.com/ADD-SP/ngx_waf.git synced 2026-04-26 22:15:55 +03:00
Code Issues 20 Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #118] 按最佳实践 开启 ModSecurity 报错 #89

New issue
Closed
opened 2026-03-04 12:18:50 +03:00 by kerem · 1 comment
kerem commented 2026-03-04 12:18:50 +03:00
Owner
Copy link

Originally created by @b111110110 on GitHub (Jan 4, 2023).
Original GitHub issue: https://github.com/ADD-SP/ngx_waf/issues/118

  • ngx_waf: Current

  • nginx -V
    nginx version: nginx/1.16.1
    built by gcc 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC)
    built with OpenSSL 1.0.2k-fips 26 Jan 2017
    TLS SNI support enabled
    configure arguments: --prefix=/usr/local/nginx --user=www --group=www --with-http_auth_request_module --with-http_gzip_static_module --with-http_realip_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-stream --with-stream_ssl_module --add-module=ngx_devel_kit-0.3.1 --add-module=lua-nginx-module-0.10.18 --add-module=form-input-nginx-module-0.12 --add-module=headers-more-nginx-module-0.33 --add-module=naxsi-1.3/naxsi_src --add-module=nginx-upstream-fair --add-module=ngx_cache_purge-2.3 --add-module=ngx_http_geoip2_module-3.3 --add-module=ngx_waf-10.1.2 --with-cc-opt=-std=gnu99

  • 日志
    nginx: [emerg] ngx_waf: Rules error. File: /usr/local/nginx/conf/modsecurity/owasp/REQUEST-922-MULTIPART-ATTACK.conf. Line: 27. Column: 53. Expecting a variable, got: : MULTIPART_PART_HEADERS:charset "!@eq 0" \ in /usr/local/nginx/conf/vhost/***.conf:20
    nginx: configuration file /usr/local/nginx/conf/nginx.conf test failed

Originally created by @b111110110 on GitHub (Jan 4, 2023). Original GitHub issue: https://github.com/ADD-SP/ngx_waf/issues/118 * ngx_waf: Current * `nginx -V` nginx version: nginx/1.16.1 built by gcc 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC) built with OpenSSL 1.0.2k-fips 26 Jan 2017 TLS SNI support enabled configure arguments: --prefix=/usr/local/nginx --user=www --group=www --with-http_auth_request_module --with-http_gzip_static_module --with-http_realip_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-stream --with-stream_ssl_module --add-module=ngx_devel_kit-0.3.1 --add-module=lua-nginx-module-0.10.18 --add-module=form-input-nginx-module-0.12 --add-module=headers-more-nginx-module-0.33 --add-module=naxsi-1.3/naxsi_src --add-module=nginx-upstream-fair --add-module=ngx_cache_purge-2.3 --add-module=ngx_http_geoip2_module-3.3 --add-module=ngx_waf-10.1.2 --with-cc-opt=-std=gnu99 * 日志 nginx: [emerg] ngx_waf: Rules error. File: /usr/local/nginx/conf/modsecurity/owasp/REQUEST-922-MULTIPART-ATTACK.conf. Line: 27. Column: 53. Expecting a variable, got: : MULTIPART_PART_HEADERS:_charset_ "!@eq 0" \ in /usr/local/nginx/conf/vhost/***.conf:20 nginx: configuration file /usr/local/nginx/conf/nginx.conf test failed
kerem closed this issue 2026-03-04 12:18:51 +03:00
kerem commented 2026-03-04 12:18:51 +03:00
Author
Owner
Copy link

@b111110110 commented on GitHub (Jan 6, 2023):

找到原因了, MULTIPART_PART_HEADERS 需要 ModSecurity v2.9.6/v3.0.8 版本支持, 我安装版本是v3.0.7所以会报错.
解决办法是将 REQUEST-922-MULTIPART-ATTACK.conf 文件重命名, 这样就不会被加载.

https://coreruleset.org/20220919/crs-version-3-3-3-and-3-2-2-covering-several-cves/

<!-- gh-comment-id:1373166452 --> @b111110110 commented on GitHub (Jan 6, 2023): 找到原因了, MULTIPART_PART_HEADERS 需要 ModSecurity v2.9.6/v3.0.8 版本支持, 我安装版本是v3.0.7所以会报错. 解决办法是将 REQUEST-922-MULTIPART-ATTACK.conf 文件重命名, 这样就不会被加载. https://coreruleset.org/20220919/crs-version-3-3-3-and-3-2-2-covering-several-cves/
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
lts
lts-dev
add_sp/refactor-replace-libcurl-with-subreq
current-dev
current
current-dev-backup
v6.1.10
v10.1.2
v6.1.9
v6.1.8
v10.1.1
v10.1.0
v6.1.7
v10.0.1
v10.0.0
v9.0.6
v9.0.5
v6.1.6
v6.1.5
v9.0.4
v9.0.3
v9.0.2
v9.0.1
v9.0.0
v8.0.3
v6.1.4
v8.0.2
v8.0.1
v6.1.3
v8.0.0
v7.1.0
v6.1.2
v7.0.1
v7.0.0
v6.1.1
v6.1.0
v6.0.3
v6.0.2
v6.0.2-beta.1
v6.0.1
v6.0.1-beta.2
v6.0.1-beta.1
v6.0.0
v6.0.0-beta.4
v5.5.1
v6.0.0-beta.2
v6.0.0.beta.3
v6.0.0-beta.1
v5.5.0
v5.4.2
v5.4.2-beta.2
v5.4.2-beta.1
v5.4.1
v5.4.1-beta.1
v5.4.0
v5.4.0-beta.1
v5.3.2
v5.3.1
v5.3.0
v5.3.0-beta.4
v5.3.0-beta.3
v5.3.0-beta.2
v5.3.0-beta.1
v5.2.0
v5.2.0-beta.2
v5.2.0-beta.1
v5.1.1
v5.1.1-beta.1
v5.1.0
v5.0.0
v5.0.0-beta.5
v5.0.0-beta.4
v5.0.0-beta.3
v5.0.0-beta.2
v5.0.0-beta.1
v4.1.0-beta.4
v4.1.0-beta.3
v4.1.0-beta.2
v4.1.0-beta.1
v4.0.0
v4.0.0-beta.2
v3.1.6
v3.2.0-beta.1
v3.1.5
v3.1.4
v3.1.3
v3.1.2
v3.1.1
v3.1.0
v3.1.0-beta-1
v3.0.3-beta-3
v3.0.2
v3.0.3-beta-2
v3.0.3-beta-1
v3.0.2-beta-2
v3.0.2-beta-1
v3.0.1
v3.0.0
v3.0.0-beta-2
v3.0.0-beta-1
v2.1.1
v2.1.0
v2.0.2
v2.0.1
v2.0.1-beta-1
v2.0.0
v2.0.0-beta.1
v1.0.1
v1.0.0
v1.0.0-RC2
v1.0.0-RC1
Labels
Clear labels   
MacOS

   
Nginx

   
OpenResty

   
Tengine

   
bug

   
documentation

   
enhancement

   
needs-investigation

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
stale

   
stale

   
stale

   
timeout

   
wontfix
No labels
MacOS
Nginx
OpenResty
Tengine
bug
documentation
enhancement
needs-investigation
pull-request
question
stale
stale
stale
timeout
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/ngx_waf#89
No description provided.