I am configuring modsecurity-crs for my apache2 server running on debian 8 jessie. After installing modsecurity and making symbolic links for both base_rules and optional_rules, apache2 cannot restart. Using
sudo journalctl | tail
shows the error message
'AH00526: Syntax error on line 51 of ../modsecurity-crs/activated_rules/modsecurity_crs_16_session_hijacking.conf'.
Ok I found the answer here. - https://github.com/SpiderLabs/owasp-modsecurity-crs/commit/e2fbef4ce89fed0c4dd338002b9a090dd2f6491d Essentially there's a bug in the crs module. You need to delete the word 'chain' from line 49 of modsecurity_crs_16_session_hijacking.conf You can do this using 'sudo nano modsecurity_crs_16_session_hijacking.conf' and then scroll to the line, delete the words 'chain' then press Ctrl+O then Ctrl+X After editing restart the apache service with 'sudo /etc/init.d/apache2 start