Debian 12 issue
NoipName opened this issue · 6 comments
Hello,
I tried to install on Debian 12 the ModSecurity with Nginx 1.26.1
After the install, the module isn't working with a simple test with this command : curl http://<SERVER-IP/DOMAIN>/index.html?exec=/bin/bash
Normaly i should have a 403 like result, but i have my nginx page test so the test it's not work
The mod I install on Debian 11 with Nginx 1.18 and that work perfecly
I tried to find where's a problem and i think i found it
On Debian 11 the package libpcre++-dev is require for the mod
But the problem is this package libpcre++-dev isn't available on Debian 12 and i think ModSecurity can't read without that package
I tried fork the package on Debian 12 and that didn't work too
If someone tried and it's work for you can you help me ? :D
Thanks avance
Hi @NoipName,
I tried to install on Debian 12 the ModSecurity with Nginx 1.26.1
First of all: how did you install your ModSecurity+Nginx setup? From source? From Debian's official repository? Any 3rd party repository?
Also: have you installed CRS (or any rule set), and set it up for the engine?
After the install, the module isn't working with a simple test with this command : curl http://<SERVER-IP/DOMAIN>/index.html?exec=/bin/bash
Normaly i should have a 403 like result, but i have my nginx page test so the test it's not work
Could you show your modsecurity.conf's relevant content? Eg. is the SecRuleEngine set to On?
The mod I install on Debian 11 with Nginx 1.18 and that work perfecly
I tried to find where's a problem and i think i found it On Debian 11 the package libpcre++-dev is require for the mod But the problem is this package libpcre++-dev isn't available on Debian 12 and i think ModSecurity can't read without that package I tried fork the package on Debian 12 and that didn't work too
In Debian 12 most application upgrade its dependency to PCRE2. Libpcre++dev is the "old" PCRE library - and this is the development part of the PCRE library. You don't need that to run neither the library nor the connector. (Even the Nginx uses PCRE2 too, but it needs only the runtime library components.)
Hi @NoipName,
I tried to install on Debian 12 the ModSecurity with Nginx 1.26.1
First of all: how did you install your ModSecurity+Nginx setup? From source? From Debian's official repository? Any 3rd party repository?
Also: have you installed CRS (or any rule set), and set it up for the engine?
After the install, the module isn't working with a simple test with this command : curl http://<SERVER-IP/DOMAIN>/index.html?exec=/bin/bash
Normaly i should have a 403 like result, but i have my nginx page test so the test it's not workCould you show your modsecurity.conf's relevant content? Eg. is the
SecRuleEngineset toOn?The mod I install on Debian 11 with Nginx 1.18 and that work perfecly
I tried to find where's a problem and i think i found it On Debian 11 the package libpcre++-dev is require for the mod But the problem is this package libpcre++-dev isn't available on Debian 12 and i think ModSecurity can't read without that package I tried fork the package on Debian 12 and that didn't work tooIn Debian 12 most application upgrade its dependency to PCRE2. Libpcre++dev is the "old" PCRE library - and this is the development part of the PCRE library. You don't need that to run neither the library nor the connector. (Even the Nginx uses PCRE2 too, but it needs only the runtime library components.)
Hello,
All installation it's from original source github of ModSecurity+Nginx and i use all directive gived by github
I installed also CRS 4.5.0 (lastest)
I checked in modsecurity SecRuleEngine is On
there's all package i installed for ModSec
There's my scripts for the installation :
thank you :D
I exported 2 config logs for compare
Left is Debian 12 with Nginx 1.26 and right is Debian 11 with Nginx 1.18
There's every different:
What you see in your log after you sent the request above?
Also: could you turn on your debug log with value 9 for a while? Only for that request. Then please share the log (or send that to modsecurity@owasp.org.
Sorry, for my late answer, i found a issue, it's because i did'nt have right package to use ModSec :D after download all requirement all working right :D