Merge branch 'regression'

2025-11-22 03:56:05 +03:00 · 2014-01-03 05:20:05 -08:00
parent 0ddd2b4639 0ad390d12d
commit 93c5b8c6ac
9 changed files with 84 additions and 96 deletions
--- a/tests/regression/action/10-logging.t
+++ b/tests/regression/action/10-logging.t
@@ -37,7 +37,7 @@
 		SecAction "phase:1,pass,nolog,id:500007"
 	),
 	match_log => {
-		-error => [ qr/ModSecurity: /, 1 ],
+		-error => [ qr/500007/, 1 ],
 		-audit => [ qr/./, 1 ],
 	},
 	match_response => {
@@ -85,7 +85,7 @@
 		SecAction "phase:1,deny,status:403,nolog,id:500009"
 	),
 	match_log => {
-		-error => [ qr/ModSecurity: /, 1 ],
+		-error => [ qr/500009/, 1 ],
 		-audit => [ qr/./, 1 ],
 	},
 	match_response => {
@@ -274,7 +274,7 @@
 		SecAction "phase:1,pass,nolog,noauditlog,id:500017"
 	),
 	match_log => {
-		-error => [ qr/ModSecurity: /, 1 ],
+		-error => [ qr/500017/, 1 ],
 		-audit => [ qr/./, 1 ],
 	},
 	match_response => {
@@ -320,7 +320,7 @@
 		SecAction "phase:1,pass,auditlog,nolog,id:500019"
 	),
 	match_log => {
-		-error => [ qr/ModSecurity: /, 1 ],
+		-error => [ qr/500019/, 1 ],
 		-audit => [ qr/./, 1 ],
 	},
 	match_response => {
@@ -366,7 +366,7 @@
 		SecAction "phase:1,pass,noauditlog,nolog,id:500021"
 	),
 	match_log => {
-		-error => [ qr/ModSecurity: /, 1 ],
+		-error => [ qr/500021/, 1 ],
 		-audit => [ qr/./, 1 ],
 	},
 	match_response => {
@@ -460,7 +460,7 @@
 		SecAction "phase:1,deny,status:403,nolog,noauditlog,id:500025"
 	),
 	match_log => {
-		-error => [ qr/ModSecurity: /, 1 ],
+		-error => [ qr/500025/, 1 ],
 		-audit => [ qr/./, 1 ],
 	},
 	match_response => {
@@ -506,7 +506,7 @@
 		SecAction "phase:1,deny,status:403,auditlog,nolog,id:500027"
 	),
 	match_log => {
-		-error => [ qr/ModSecurity: /, 1 ],
+		-error => [ qr/500027/, 1 ],
 		-audit => [ qr/./, 1 ],
 	},
 	match_response => {
@@ -552,7 +552,7 @@
 		SecAction "phase:1,deny,status:403,noauditlog,nolog,id:500029"
 	),
 	match_log => {
-		-error => [ qr/ModSecurity: /, 1 ],
+		-error => [ qr/500029/, 1 ],
 		-audit => [ qr/./, 1 ],
 	},
 	match_response => {
--- a/tests/regression/config/10-misc-directives.t
+++ b/tests/regression/config/10-misc-directives.t
@@ -13,7 +13,7 @@
 	conf => qq(
 		SecRuleEngine on
 		SecDefaultAction "phase:1,deny,status:500"
-		SecRule REQUEST_URI "test.txt,id:500240"
+		SecRule REQUEST_URI "test.txt" "id:500241"
 	),
 	match_log => {
 		error => [ qr/ModSecurity: Access denied with code 500 \(phase 1\)/, 1 ],
--- a/tests/regression/config/10-request-directives.t
+++ b/tests/regression/config/10-request-directives.t
@@ -8,7 +8,7 @@
 		SecRuleEngine On
 		SecArgumentSeparator ";"
 		SecRule ARGS:a "@streq 1" "phase:1,deny,chain,id:500215"
-		SecRule ARGS:b "@streq 2,id:500216"
+		SecRule ARGS:b "@streq 2" ""
 	),
 	match_log => {
 		error => [ qr/Access denied with code 403 \(phase 1\)\. String match "2" at ARGS:b\./, 1 ],
@@ -26,7 +26,7 @@
 	conf => q(
 		SecRuleEngine On
 		SecRule ARGS:a "@streq 1" "phase:1,deny,chain,id:500217"
-		SecRule ARGS:b "@streq 2,id:500218"
+		SecRule ARGS:b "@streq 2" ""
 	),
 	match_log => {
 		-error => [ qr/Access denied/, 1 ],
@@ -46,7 +46,7 @@
 		SecRequestBodyAccess On
 		SecArgumentSeparator ";"
 		SecRule ARGS:a "@streq 1" "phase:2,deny,chain,id:500219"
-		SecRule ARGS:b "@streq 2,id:500220"
+		SecRule ARGS:b "@streq 2" ""
 	),
 	match_log => {
 		error => [ qr/Access denied with code 403 \(phase 2\)\. String match "2" at ARGS:b\./, 1 ],
@@ -94,7 +94,7 @@
 		SecRuleEngine On
 		SecRequestBodyAccess On
 		SecRule ARGS:a "\@streq 1" "phase:2,deny,chain,id:500223"
-		SecRule ARGS:b "\@streq 2,id:500224"
+		SecRule ARGS:b "\@streq 2" ""
 	),
 	match_log => {
 		error => [ qr/Access denied with code 403 \(phase 2\)\. String match "2" at ARGS:b\./, 1 ],
@@ -500,8 +500,8 @@
 		SecDebugLogLevel 5
 		SecCookieFormat 1
 		SecRule REQUEST_COOKIES_NAMES "\@streq SESSIONID" "phase:1,deny,chain,id:500231"
-		SecRule REQUEST_COOKIES:\$SESSIONID_PATH "\@streq /" "chain,id:500232"
-		SecRule REQUEST_COOKIES:SESSIONID "\@streq cookieval,id:500233"
+		SecRule REQUEST_COOKIES:\$SESSIONID_PATH "\@streq /" "chain"
+		SecRule REQUEST_COOKIES:SESSIONID "\@streq cookieval"
 	),
 	match_log => {
 		error => [ qr/Access denied with code 403 \(phase 1\)\. String match "cookieval" at REQUEST_COOKIES:SESSIONID\./, 1 ],
@@ -527,8 +527,8 @@
 		SecDebugLogLevel 5
 		SecCookieFormat 0
 		SecRule REQUEST_COOKIES_NAMES "\@streq SESSIONID" "phase:1,deny,chain,id:500234"
-		SecRule REQUEST_COOKIES:\$SESSIONID_PATH "\@streq /" "chain,id:500235"
-		SecRule REQUEST_COOKIES:SESSIONID "\@streq cookieval,id:500236"
+		SecRule REQUEST_COOKIES:\$SESSIONID_PATH "\@streq /" "chain"
+		SecRule REQUEST_COOKIES:SESSIONID "\@streq cookieval"
 	),
 	match_log => {
 		-error => [ qr/Access denied/, 1 ],
--- a/tests/regression/misc/00-multipart-parser.t
+++ b/tests/regression/misc/00-multipart-parser.t
@@ -267,9 +267,7 @@
        SecAuditEngine RelevantOnly
    ),
    match_log => {
-        audit => [ qr/Final boundary missing/, 1 ],
        debug => [ qr/Final boundary missing/, 1 ],
-
    },
    match_response => {
        status => qr/^200$/,
--- a/tests/regression/misc/10-tfn-cache.t
+++ b/tests/regression/misc/10-tfn-cache.t
@@ -126,8 +126,8 @@

 		# This should see cached versions of *both* ARGS_GET
 		SecRule ARGS:test "queryval" "phase:2,t:none,t:removeWhiteSpace,t:lowercase,deny,chain,id:500046"
-		SecRule ARGS:test "firstval" "t:none,t:removeWhiteSpace,t:lowercase,chain,id:500047"
-		SecRule ARGS:test "secondval" "t:none,t:removeWhiteSpace,t:lowercase,id:500017"
+		SecRule ARGS:test "firstval" "t:none,t:removeWhiteSpace,t:lowercase,chain"
+		SecRule ARGS:test "secondval" "t:none,t:removeWhiteSpace,t:lowercase"
 	),
 	match_log => {
 		debug => [ qr/removeWhiteSpace,lowercase: "queryval" .*removeWhiteSpace,lowercase: "firstval" .*cached.*removeWhiteSpace,lowercase: "secondval" .*cached/s, 1 ],
--- a/tests/regression/rule/00-basics.t
+++ b/tests/regression/rule/00-basics.t
@@ -11,7 +11,7 @@
 		SecAction "nolog,id:500001"
 	),
 	match_log => {
-		-error => [ qr/ModSecurity: /, 1 ],
+		-error => [ qr/500001/, 1 ],
 		-audit => [ qr/./, 1 ],
 		debug => [ qr/Warning\. Unconditional match in SecAction\./, 1 ],
 	},
@@ -32,11 +32,11 @@
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 5
        SecDefaultAction "phase:2,deny,status:403"
-        SecRule ARGS:test "value,id:500032"
+        SecRule ARGS:test "value" "id:500032"
 	),
 	match_log => {
-		error => [ qr/ModSecurity: /, 1 ],
-		debug => [ qr/Rule [0-9a-f]+: SecRule "ARGS:test" "\@rx value" "phase:2,deny,status:403"$/m, 1 ],
+		error => [ qr/500032/, 1 ],
+		debug => [ qr/Rule [0-9a-f]+: SecRule "ARGS:test" "\@rx value" "phase:2,deny,status:403,id:500032"$/m, 1 ],
 	},
 	match_response => {
 		status => qr/^403$/,
@@ -57,7 +57,7 @@
 	),
 	match_log => {
 		error => [ qr/ModSecurity: /, 1 ],
-		debug => [ qr/Rule [0-9a-f]+: SecRule "ARGS:test" "\@rx value" "phase:2,deny,status:403"$/m, 1 ],
+		debug => [ qr/Rule [0-9a-f]+: SecRule "ARGS:test" "\@rx value" "phase:2,deny,status:403,id:500033"$/m, 1 ],
 	},
 	match_response => {
 		status => qr/^403$/,
@@ -75,12 +75,12 @@
 		SecDebugLogLevel 5
        SecDefaultAction "phase:2,log,noauditlog,pass,tag:foo"
        SecRule ARGS:test "value" "chain,phase:2,deny,status:403,id:500034"
-        SecRule &ARGS "\@eq 1" "chain,setenv:tx.foo=bar,id:500035"
-        SecRule REQUEST_METHOD "\@streq GET,id:500036"
+        SecRule &ARGS "\@eq 1" "chain,setenv:tx.foo=bar"
+        SecRule REQUEST_METHOD "\@streq GET"
 	),
 	match_log => {
 		error => [ qr/ModSecurity: /, 1 ],
-		debug => [ qr/Rule [0-9a-f]+: SecRule "ARGS:test" "\@rx value" "phase:2,log,noauditlog,tag:foo,chain,deny,status:403"\r?\n.*Rule [0-9a-f]+: SecRule "&ARGS" "\@eq 1" "chain,setenv:tx.foo=bar"\r?\n.*Rule [0-9a-f]+: SecRule "REQUEST_METHOD" "\@streq GET"\r?\n/s, 1 ],
+		debug => [ qr/Rule [0-9a-f]+: SecRule "ARGS:test" "\@rx value" "phase:2,log,noauditlog,tag:foo,chain,deny,status:403,id:500034"\r?\n.*Rule [0-9a-f]+: SecRule "&ARGS" "\@eq 1" "chain,setenv:tx.foo=bar"\r?\n.*Rule [0-9a-f]+: SecRule "REQUEST_METHOD" "\@streq GET"\r?\n/s, 1 ],
 	},
 	match_response => {
 		status => qr/^403$/,
--- a/tests/regression/rule/10-xml.t
+++ b/tests/regression/rule/10-xml.t
@@ -8,6 +8,7 @@
 	conf => qq(
 		SecRuleEngine On
 		SecRequestBodyAccess On
+        SecXmlExternalEntity On
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 9
 		SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500005, \\
@@ -55,6 +56,7 @@
 	conf => qq(
 		SecRuleEngine On
 		SecRequestBodyAccess On
+        SecXmlExternalEntity On
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 9
 		SecAuditEngine RelevantOnly
@@ -104,6 +106,7 @@
 	conf => qq(
 		SecRuleEngine On
 		SecRequestBodyAccess On
+        SecXmlExternalEntity On
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 9
 		SecAuditEngine RelevantOnly
@@ -154,6 +157,7 @@
 	conf => qq(
 		SecRuleEngine On
 		SecRequestBodyAccess On
+        SecXmlExternalEntity On
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 9
 		SecAuditEngine RelevantOnly
@@ -204,6 +208,7 @@
 	conf => qq(
 		SecRuleEngine On
 		SecRequestBodyAccess On
+        SecXmlExternalEntity On
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 9
 		SecAuditEngine RelevantOnly
@@ -254,6 +259,7 @@
 	conf => qq(
 		SecRuleEngine On
 		SecRequestBodyAccess On
+        SecXmlExternalEntity On
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 9
 		SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500020, \\
@@ -297,6 +303,7 @@
 	conf => qq(
 		SecRuleEngine On
 		SecRequestBodyAccess On
+        SecXmlExternalEntity On
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 9
 		SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500023, \\
@@ -340,6 +347,7 @@
 	conf => qq(
 		SecRuleEngine On
 		SecRequestBodyAccess On
+        SecXmlExternalEntity On
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 9
 		SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500026, \\
@@ -383,6 +391,7 @@
 	conf => qq(
 		SecRuleEngine On
 		SecRequestBodyAccess On
+        SecXmlExternalEntity On
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 9
 		SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500029, \\
--- a/tests/regression/rule/20-exceptions.t
+++ b/tests/regression/rule/20-exceptions.t
@@ -8,11 +8,11 @@
 		SecRuleEngine On
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 9
-		SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:1"
-		SecRuleRemoveById 1
+		SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:101010"
+		SecRuleRemoveById 101010
 	),
 	match_log => {
-		-error => [ qr/ModSecurity: /, 1 ],
+		-error => [ qr/101010/, 1 ],
 		-audit => [ qr/./, 1 ],
 		debug => [ qr/Starting phase REQUEST_HEADERS\..*This phase consists of 0 rule.*Starting phase RESPONSE_HEADERS\./s, 1 ],
 		-debug => [ qr/Access denied/, 1 ],
@@ -31,13 +31,13 @@
 		SecRuleEngine On
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 9
-		SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:1"
-		SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:2"
-		SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:3"
-		SecRuleRemoveById 1 2 3
+		SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:101010"
+		SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:202020"
+		SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:303030"
+		SecRuleRemoveById 101010 202020 303030
 	),
 	match_log => {
-		-error => [ qr/ModSecurity: /, 1 ],
+		-error => [ qr/101010|202020|303030/, 1 ],
 		-audit => [ qr/./, 1 ],
 		debug => [ qr/Starting phase REQUEST_HEADERS\..*This phase consists of 0 rule.*Starting phase RESPONSE_HEADERS\./s, 1 ],
 		-debug => [ qr/Access denied/, 1 ],
@@ -56,13 +56,13 @@
 		SecRuleEngine On
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 9
-		SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:1"
-		SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:2"
-		SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:3"
-		SecRuleRemoveById 1-3
+		SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:101010"
+		SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:202020"
+		SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:303030"
+		SecRuleRemoveById 101010-303030
 	),
 	match_log => {
-		-error => [ qr/ModSecurity: /, 1 ],
+		-error => [ qr/101010|202020|303030/, 1 ],
 		-audit => [ qr/./, 1 ],
 		debug => [ qr/Starting phase REQUEST_HEADERS\..*This phase consists of 0 rule.*Starting phase RESPONSE_HEADERS\./s, 1 ],
 		-debug => [ qr/Access denied/, 1 ],
@@ -81,14 +81,14 @@
 		SecRuleEngine On
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 9
-		SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:1"
-		SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:2"
-		SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:3"
-		SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:4"
-		SecRuleRemoveById 1 2-4
+		SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:101010"
+		SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:202020"
+		SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:303030"
+		SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:404040"
+		SecRuleRemoveById 101010 202020-404040
 	),
 	match_log => {
-		-error => [ qr/ModSecurity: /, 1 ],
+		-error => [ qr/101010|202020|303030|404040/, 1 ],
 		-audit => [ qr/./, 1 ],
 		debug => [ qr/Starting phase REQUEST_HEADERS\..*This phase consists of 0 rule.*Starting phase RESPONSE_HEADERS\./s, 1 ],
 		-debug => [ qr/Access denied/, 1 ],
@@ -109,11 +109,11 @@
 		SecRuleEngine On
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 9
-		SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:1,msg:'testing rule',id:500001"
+		SecRule REQUEST_URI "test" "phase:1,deny,status:500,msg:'testing rule',id:500001"
 		SecRuleRemoveByMsg "testing rule"
 	),
 	match_log => {
-		-error => [ qr/ModSecurity: /, 1 ],
+		-error => [ qr/500001/, 1 ],
 		-audit => [ qr/./, 1 ],
 		debug => [ qr/Starting phase REQUEST_HEADERS\..*This phase consists of 0 rule.*Starting phase RESPONSE_HEADERS\./s, 1 ],
 		-debug => [ qr/Access denied/, 1 ],
@@ -134,13 +134,13 @@
 		SecRuleEngine On
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 9
-		SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:1,msg:'testing rule',id:500002"
-		SecRuleUpdateActionById 1 "pass,nolog"
+		SecRule REQUEST_URI "test" "phase:1,deny,status:500,msg:'testing rule',id:500002"
+		SecRuleUpdateActionById 500002 "pass,nolog"
 	),
 	match_log => {
-		-error => [ qr/ModSecurity: /, 1 ],
+		-error => [ qr/500002/, 1 ],
 		-audit => [ qr/./, 1 ],
-		debug => [ qr/id:1,.*,pass,nolog/, 1 ],
+		debug => [ qr/id:500002,pass,nolog/, 1 ],
 		-debug => [ qr/Access denied/, 1 ],
 	},
 	match_response => {
@@ -157,14 +157,14 @@
 		SecRuleEngine On
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 9
-		SecRule REQUEST_URI "test" "phase:1,deny,status:500,id:1,msg:'testing rule',chain,id:500003"
-        SecRule ARGS "bar,id:500004"
-		SecRuleUpdateActionById 1 "pass,nolog"
+		SecRule REQUEST_URI "test" "phase:1,deny,status:500,msg:'testing rule',chain,id:500003"
+        SecRule ARGS "bar"
+		SecRuleUpdateActionById 500003 "pass,nolog"
 	),
 	match_log => {
-		-error => [ qr/ModSecurity: /, 1 ],
+		-error => [ qr/500003/, 1 ],
 		-audit => [ qr/./, 1 ],
-		debug => [ qr/id:1,.*,pass,nolog/, 1 ],
+		debug => [ qr/id:500003,pass,nolog/, 1 ],
 		-debug => [ qr/Access denied/, 1 ],
 	},
 	match_response => {
--- a/tests/regression/server_root/conf/httpd.conf.in
+++ b/tests/regression/server_root/conf/httpd.conf.in
@@ -1,49 +1,30 @@
 ### Base configuration for starting Apache httpd

+LoadModule proxy_module @APXS_LIBEXECDIR@/mod_proxy.so
+LoadModule proxy_http_module @APXS_LIBEXECDIR@/mod_proxy_http.so
+LoadModule unique_id_module @APXS_LIBEXECDIR@/mod_unique_id.so
+# TODO: Need to have these configurable
+LoadModule security2_module @MSC_BASE_DIR@/apache2/.libs/mod_security2.so
+
+<IfVersion >= 2.4>
+    LoadModule access_compat_module /usr/lib/apache2/modules/mod_access_compat.so
+    LoadModule mpm_worker_module /usr/lib/apache2/modules/mod_mpm_worker.so
+    LoadModule authn_core_module /usr/lib/apache2/modules/mod_authn_core.so
+    LoadModule authz_core_module /usr/lib/apache2/modules/mod_authz_core.so
+</IfVersion>
+
+ServerName localhost
+CoreDumpDirectory @MSC_REGRESSION_SERVERROOT_DIR@/tmp
+LogLevel debug
+ErrorLog @MSC_REGRESSION_LOGS_DIR@/error.log
+
 <IfDefine !CHROOT>
 	# File locations
 	PidFile @MSC_REGRESSION_LOGS_DIR@/httpd.pid
 	ScoreBoardFile @MSC_REGRESSION_LOGS_DIR@/httpd.scoreboard
-</IfDefine>

-<IfModule !mod_proxy.c>
-	LoadModule proxy_module @APXS_LIBEXECDIR@/mod_proxy.so
-	LoadModule proxy_http_module @APXS_LIBEXECDIR@/mod_proxy_http.so
-</IfModule>
-<IfModule !mod_unique_id.c>
-	LoadModule unique_id_module @APXS_LIBEXECDIR@/mod_unique_id.so
-</IfModule>
-
-<IfDefine !NOMODSEC>
-	# TODO: Need to have these configurable
-	LoadModule security2_module @MSC_BASE_DIR@/apache2/.libs/mod_security2.so
-</IfDefine>
-
-ServerName localhost
-
-CoreDumpDirectory @MSC_REGRESSION_SERVERROOT_DIR@/tmp
-
-LogLevel debug
-ErrorLog @MSC_REGRESSION_LOGS_DIR@/error.log
-
-<IfVersion >= 2.4>
-    LoadModule access_compat_module /usr/lib/apache2/modules/mod_access_compat.so
-    LoadModule mpm_worker_module /usr/lib/apache2/modules/mod_mpm_worker.so
-</IfVersion>
-
-<IfDefine !CHROOT>
 	DocumentRoot @MSC_REGRESSION_DOCROOT_DIR@
 	<Directory "@MSC_REGRESSION_DOCROOT_DIR@">
 		Options +Indexes +FollowSymLinks
-		AllowOverride None
-
-        <IfVersion >= 2.4>
-            Allow from all
-            Satisfy Any
-        </IfVersion>
-
-        <IfVersion < 2.4>
-            Require all granted
-        </IfVersion>
 	</Directory>
 </IfDefine>