[mod-security-users] Horde mail and "MULTIPART_UNMATCHED_BOUNDARY"
Brought to you by:
victorhora,
zimmerletw
From: Andrew G. <an...@ab...> - 2009-04-27 05:52:41
|
Hi All, I am getting "Access denied" when trying to forward a message via Horde webmail. The modsec_debug.log shows the following message: [webmail.xxx.com/sid#2b359d9ff0c0][rid#2b35a30070c8][/imp/compose.php][1] [file "/etc/httpd/conf/mod_security_rules/min.conf"] [line "59"] [msg "Multipart parser detected a possible unmatched boundary."] Access denied with code 403 (phase 2). Match of "eq 0" against "MULTIPART_UNMATCHED_BOUNDARY" required. My question: How can I disable only this particular rule for that domain in vhost.conf? I could place something like: <LocationMatch "/imp/compose.php"> SecRuleRemoveById xxx </LocationMatch> But in that case there is no rule id# for that rule in the min.conf. It refers to the rule: # Did we see anything that might be a boundary? SecRule MULTIPART_UNMATCHED_BOUNDARY "!@eq 0" \ "phase:2,t:none,log,deny,msg:'Multipart parser detected a possible unmatched boundary.'" Please, help. Thanks |