[mod-security-users] Help configuring mod security
From: Joshua J. <Jos...@uk...> - 2020-11-24 13:04:13
Hi there,
Hope this is the right place to get help - please let me know if I should go somewhere different.
I am using mod security with apache 2. It's working fine but I want to disable one element of the rule MULTIPART_STRICT_ERROR. I want to just disable the Invalid quoting check. I've tried doing this by just deleting the line in my mod_security.conf file.
So just deleting the IQ line from here and restarting apache:
SecRule MULTIPART_STRICT_ERROR "!@eq 0" \
"id:'200002',phase:2,t:none,log,deny,status:44,msg:'Multipart request body \
failed strict validation: \
PE %{REQBODY_PROCESSOR_ERROR}, \
BQ %{MULTIPART_BOUNDARY_QUOTED}, \
BW %{MULTIPART_BOUNDARY_WHITESPACE}, \
DB %{MULTIPART_DATA_BEFORE}, \
DA %{MULTIPART_DATA_AFTER}, \
HF %{MULTIPART_HEADER_FOLDING}, \
LF %{MULTIPART_LF_LINE}, \
SM %{MULTIPART_MISSING_SEMICOLON}, \
IQ %{MULTIPART_INVALID_QUOTING}, \
IP %{MULTIPART_INVALID_PART}, \
IH %{MULTIPART_INVALID_HEADER_FOLDING}, \
FL %{MULTIPART_FILE_LIMIT_EXCEEDED}'"
This doesn't seem to disable that and I can only disable this check by commenting out the entire rule which I don't want to do.
Hope this is clear