I got one example to skip multipart requests in ModSecurity.
SetEnvIfNoCase Content-Type \
"^multipart/form-data;" "MODSEC_NOPOSTBUFFERING=Do not buffer file uploads"
I tried a lot with the above example. It seems that it will not work. Will it
work in modsecurity2?
Can you please advise me about it?
Awaiting a positive reply!
On Thu, 2013-12-19 at 18:55 +0530, Yogesh patel wrote:
> I got one example to skip multipart request in mod security.
> SetEnvIfNoCase Content-Type \
> "^multipart/form-data;" "MODSEC_NOPOSTBUFFERING=Do not buffer file
> I tried a lot with the above example. It seems that it will not work.
> Will it work in modsecurity2?
There are two things to note here. First, that syntax will not work in
ModSec2. Secondly, I would strongly suggest against disabling
ModSecurity for **all** multipart/form-data requests. Ideally you would
research the exact cause within ModSecurity that is preventing the file
upload status bar from working. From my experience this is usually
simply a matter of tweaking your ruleset. If that is not a possibility,
the next step is to disable ModSecurity just for the offending request.
For example, if the URI was /FileUpload.php, you could use a rule such
as the following at the beginning of your ruleset:
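# Chained rule: both conditions must match. The id is a placeholder; use one unused in your ruleset.
SecRule REQUEST_URI "fileupload.php" "id:1000000,phase:1,t:none,t:lowercase,nolog,pass,chain"
    SecRule REQUEST_METHOD POST "ctl:ruleEngine=Off,ctl:auditEngine=Off"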
CTO | WAFSEC
The WAF is free, your time isn't
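
A narrower variant of the per-URI exception discussed in the reply, as an added example that is not from either poster. It assumes the upload status bar breaks because ModSecurity 2 buffers the request body, so it switches off only body access for the one handler and leaves the rule engine and audit log on; the rule ids and the /fileupload.php path are placeholders.

```apache
# Added example: rule ids and the upload path are placeholders.

# Broad form (what the reply advises against): stop buffering the body of
# every multipart/form-data request, so no body rule ever sees an upload.
# SecRule REQUEST_HEADERS:Content-Type "@beginsWith multipart/form-data" \
#     "id:1000001,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyAccess=Off"

# Narrow form: only POSTs to the single upload handler skip body buffering.
# Phase 1 runs before the body is read, so the ctl takes effect in time.
# Header, URI and cookie rules still run for this request, and it is
# still written to the audit log.
SecRule REQUEST_FILENAME "@endsWith /fileupload.php" \
    "id:1000002,phase:1,t:none,t:lowercase,nolog,pass,chain"
    SecRule REQUEST_METHOD "@streq POST" \
        "ctl:requestBodyAccess=Off"
```

With body access off, rules that inspect ARGS_POST, FILES or REQUEST_BODY get no data for that handler, so upload validation has to happen in the application itself.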