mod_security: another rule with same ID

I ran into a similar problem while following a tutorial - http://www.tecmint.com/protect-apache-using-mod_security-and-mod_evasive-on-rhel-centos-fedora/

My httpd.conf file already had an include for *.conf and the tutorial had me explicitly include the modsecurity.conf file. As a result, all my rules were duplicates because the conf file was included twice.


It's hard to say exactly where the duplication is occurring based on the information you've provided. Essentially, a rule is being included twice which is usually defined within the modsecurity.conf file. You may be including this file twice, or you have copied its content into another apache conf file. To find the problem, you'll need to search for the duplicate rule. Here's a command that'll do that:

find /etc/httpd -name '*.conf' -exec grep -H "'200000'" {} \;

Once you discover which other file contains the rule (or perhaps its inside modsecurity.conf twice), you'll need to think of a way to organize your rules in a way so that the rules are not included twice. These instructions provide a good basis for using the OWASP ModSecurity Core Rule Set.