10000 "gzip_types" directive Rule id: 200000 is duplicated · Issue #1935 · coreruleset/coreruleset · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

"gzip_types" directive Rule id: 200000 is duplicated #1935

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
mackov83 opened this issue Nov 21, 2020 · 1 comment
Closed

"gzip_types" directive Rule id: 200000 is duplicated #1935

mackov83 opened this issue Nov 21, 2020 · 1 comment
Labels
➕ False Positive

Comments

@mackov83
Copy link

Description

I have two virtual server config files which perform reverse proxy tasks. One already had modsecurity enabled and was working fine. The other I have just finished configuring so have enabled modsecurity for the first time.

As soon as I enable modsecurity on the second virtual server .conf, I get the rule ID duplicated error. Some investigation suggested it was an issue with my nginx.conf file, however I can't see why. BTW, conf.d directory is empty

Audit Logs / Triggered Rule Numbers

2020/11/22 01:45:14 [notice] 890617#890617: ModSecurity-nginx v1.0.1 (rules loaded inline/local/remote: 0/1848/0)
2020/11/22 01:45:14 [emerg] 890617#890617: "gzip_types" directive Rule id: 200000 is duplicated
 in /etc/nginx/nginx.conf:66

main.conf

# Include the recommended configuration
Include /etc/nginx/modsec/modsecurity.conf

# Other ModSecurity Rules
#
# OWASP CRS v3.3.0 rules
Include /usr/local/coreruleset-3.3.0/crs-setup.conf

# This will include all the rules, need filter later
Include /usr/local/coreruleset-3.3.0/rules/*.conf

nginx.conf

user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

## Nginx ModSecurity Connector
load_module /etc/nginx/modules/ngx_http_modsecurity_module.so;

events {
        worker_connections 1024;
        # multi_accept on;
}

http {

        ##
        # Basic Settings
        ##

        sendfile on;
        tcp_nopush on;
        tcp_nodelay on;
        keepalive_timeout 65;
        types_hash_max_size 2048;
        # server_tokens off;

        # server_names_hash_bucket_size 64;
        # server_name_in_redirect off;

        include /etc/nginx/mime.types;
        default_type application/octet-stream;

        ##
        # SSL Settings
        ##

        #ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
        #ssl_prefer_server_ciphers on;

        ##
        # Logging Settings
        ##

        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;

        ##
        # Gzip Settings
        ##

        #gzip on;

        # gzip_vary on;
        # gzip_proxied any;
        # gzip_comp_level 6;
        # gzip_buffers 16 8k;
        # gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

        ##
        # Virtual Host Configs
        ##

        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;
}


#mail {
#       # See sample authentication script at:
#       # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
#       # auth_http localhost/auth.php;
#       # pop3_capabilities "TOP" "USER";
#       # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
#       server {
#               listen     localhost:110;
#               protocol   pop3;
#               proxy      on;
#       }
#
#       server {
#               listen     localhost:143;
#               protocol   imap;
#               proxy      on;
#       }
#}

Your Environment

Confirmation

[ x ] I have removed any personal data (email addresses, IP addresses,
passwords, domain names) from any logs posted.
@airween
Copy link
Contributor
airween commented Nov 21, 2020

Hi @mackov83,

Rule id: 200000 is duplicated in /etc/nginx/nginx.conf:66

Rule 200000 is a ModSecurity rule and not part of CRS. Therefore this does not affect CRS, so I'm going to close this issue.

Btw I think you've included the modsecurity's config file twice (or more), that's why you get the message.

@airween airween closed this as completed Nov 21, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
➕ False Positive
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@airween @mackov83
0