Re: [mod-security-users] Rules blocking cms uploads
Brought to you by:
victorhora,
zimmerletw
From: Jose P. V. L. <pab...@gm...> - 2013-07-23 12:46:48
|
Thanks for yor help!! Kind regards, 2013/7/23 Kurktchiev, Boris <bo...@un...> > I just had to "solve" the same problem, you can just remove the deny in > the rule and it will at least keep a log of the action but still allow the > uploads. > > -B > > On Jul 23, 2013, at 8:36 AM, Jose Pablo Valcárcel Lázaro > <pab...@gm...> > wrote: > > > Good afternoon. > > > > I have been detected a blocking rule which is a false positive for a cms > file uploads as you can see over the netx trace: > > [Tue Jul 23 13:29:45 2013] [error] [client X.X.X.X] ModSecurity: Access > denied with code 44 (phase 2). Match of "eq 0" against > "MULTIPART_UNMATCHED_BOUNDARY" required. [file > "/etc/httpd/conf.d/mod_security.conf"] [line "97"] [id "XXXXXX"] [msg > "Multipart parser detected a possible unmatched boundary"] [hostname > "XXXXXX"] [uri "XXXXXXXX"] [unique_id "Ue5pJ1LCWiEAAEeawbAAAAAW"] > > > > I have commented rule which trigger a false positive: > > #SecRule MULTIPART_UNMATCHED_BOUNDARY "!@eq 0" "id:'200003', phase:2, > t:none, log, deny, status:44, msg:'Multipart parser detected a possible > unmatched boundary'" > > > > Is there any way to solve it without comment that rule? > > > > Thanks in advance. > > > > Kind regards, > > > ------------------------------------------------------------------------------ > > See everything from the browser to the database with AppDynamics > > Get end-to-end visibility with application monitoring from AppDynamics > > Isolate bottlenecks and diagnose root cause in seconds. > > Start your free trial of AppDynamics Pro today! > > > http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk_______________________________________________ > > mod-security-users mailing list > > mod...@li... > > https://lists.sourceforge.net/lists/listinfo/mod-security-users > > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > > http://www.modsecurity.org/projects/commercial/rules/ > > http://www.modsecurity.org/projects/commercial/support/ > > > > ------------------------------------------------------------------------------ > See everything from the browser to the database with AppDynamics > Get end-to-end visibility with application monitoring from AppDynamics > Isolate bottlenecks and diagnose root cause in seconds. > Start your free trial of AppDynamics Pro today! > http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ > |