[mod-security-users] Issue uploading files via http with Apache2, php 4.3.4, and mod_security.

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

I'm running on FreeBSD 4.9 STABLE, I installed Apache 2.0.48, PHP 4.3.4, and mod_security 1.7.3 from the ports.

I added the following to my httpd.conf file to enable mod_security

LoadModule security_module    libexec/apache2/mod_security.so

<IfModule mod_security.c>
    # Turn the filtering engine On or Off
    SecFilterEngine On

    # Make sure that URL encoding is valid
    SecFilterCheckURLEncoding On

    # Unicode encoding check
    SecFilterCheckUnicodeEncoding Off

    # Only allow bytes from this range
    SecFilterForceByteRange 0 255

    # Only log suspicious requests
    SecAuditEngine RelevantOnly

    # The name of the audit log file
    SecAuditLog /var/log/httpd-audit.log
    # Debug level set to a minimum
    SecFilterDebugLog /var/log/httpd-modsec_debug.log
    SecFilterDebugLevel 0

    # Should mod_security inspect POST payloads
    SecFilterScanPOST On

    # By default log and deny suspicious requests
    # with HTTP status 500
    SecFilterDefaultAction "deny,log,status:500"

</IfModule>

SecFilter DynamicOnly
SecFilterSelective REMOTE_ADDR "^xx.xx.xx.xx$" nolog,allow
SecFilter "drop[[:space:]]table"
SecFilterSelective COOKIE_sessionid "!^(|[0-9]{1,9})$"

When using a php script to upload files via http I get 64% of the file and
then it finishs as if successful, however the file is corrupt and will not
display correctly, the file size is 64% of the original size.  When I
disable mod_security in my httpd.conf file everything works fine.

If you would like to see my log files or the php script please let me
know.

Regards,
Kevin