Re: [mod-security-users] Horde mail and "MULTIPART_UNMATCHED_BOUNDARY"
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Horde mail and "MULTIPART_UNMATCHED_BOUNDARY"
|
From: Ryan B. <Rya...@br...> - 2009-04-29 01:56:30
|
-----Original Message----- From: Andrew Grauberg [mailto:an...@ab...] Sent: Tuesday, April 28, 2009 7:59 PM To: Brian Rectanus Cc: mod...@li... Subject: Re: [mod-security-users] Horde mail and "MULTIPART_UNMATCHED_BOUNDARY" I have found the issue. It was caused by two problems: 1) I have placed the <LocationMatch> directive into vhost.con file for that directory, but the error was triggered by horde residing in webmail.mydirectory.com. To resolve this I added <LocationMatch> into httpd.conf 2) the regex SecRuleRemoveByMsg "^Multipart parser detected a possible unmatched boundary\.$" Does not work. It matches the message pattern, if I change it to SecRuleRemoveByMsg "^Multipart parser detected a possible unmatched boundary" Also tested with http://www.webdevtips.co.uk/webdevtips/resources/regex.php To make it more simple I added an extra tag id:'1989898' to the core rule and <LocationMatch "/imp/compose.php" SecRuleRemoveById 1989898 </LocationMatch> into httpd.conf I am just wondering, why don't all the rules have ids? [Ryan Barnett] All of the Core Rules have rule IDs. Where did you get this rule from? It looks like it was taken from the reference manual (http://www.modsecurity.org/documentation/modsecurity-apache/2.5.9/modsecurity2-apache-reference.html#N10F35). We are planning to add in some rules to the CRS for these new multi-part variables and they will have rule IDs. |
