New Install - error - regular expression too large - rules 1.12

GeoffBoyle · June 8, 2014, 6:57pm

Hi
I I’m running mod_security 2.6.8, I’ve also tried 2.7.7 and received the same error.

Apache doesn’t like cwaf_05.conf in latest rules, 1.12
If I comment out the specific rules it runs fine.
See below.
I saw a note in a previous thread about adding the following lines to my modsecurity.conf
SecPcreMatchLimit 150000
SecPcreMatchLimitRecursion 150000
but it didn’t make any difference.

[root@dev01 cwaf]# apachectl configtest
Syntax error on line 67 of /etc/httpd/cwaf/cwaf_05.conf:
Error creating rule: Error compiling pattern (offset 0): regular expression too large
[root@dev01 cwaf]# apachectl configtest
Syntax error on line 475 of /etc/httpd/cwaf/cwaf_05.conf:
Error creating rule: Unknown variable: MULTIPART_FILENAME

Any tips?

akabakov · June 10, 2014, 10:26am

Hello!
“Error creating rule: Unknown variable: MULTIPART_FILENAME” is discussed here:
https://forums.comodo.com/free-modsecurity-rules-comodo-web-application-firewall-b223.0/-t102728.0.html.
Please, tell us about your OS, mod_security and pcre version and how mod_security update have been done. To get pcre version use the next command:

# pcretest -C