Re: [mod-security-users] Dynamic Disable Post Scanning

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi Ivan,

> When multipart/form-data is received, apache thread terminated with 
> following in error_log
> 
> [Tue Oct 12 14:14:26 2004] [notice] child pid 24935 exit signal 
> Segmentation fault (11)

  I can confirm this. The problem should be now fixed. Please
  retrieve the updated version (revision 1.139) from the CVS and
  try again:
  http://cvs.sourceforge.net/viewcvs.py/mod-security/mod_security/apache2/

I will try and inform you the result. Thanks

> Also, following rule in the documentation seems to be incorrect :
> 
>     # Only accept request encodings we know how to handle
>     # we exclude GET requests from this because some (automated)
>     # clients supply "text/html" as Content-Type
>     SecFilterSelective REQUEST_METHOD "!^GET$" chain
>     SecFilterSelective HTTP_Content-Type 
> "!^(|application/x-www-form-urlencoded|multipart/form-data)$"
> 
> since multipart/form-data include ";boundary ...." in Content-Type.

  That's also correct but I fixed that one some time ago. I may have
  missed a spot, if I did please let me know where.

The reference manual for 1.8.4 (in PDF format) page 9 contains following 

To make sure that only requests with these two encoding types are accepted 
by the
web server, add the following line to your configuration file:

SecFilterSelective HTTP_Content-Type 
"!^(|application/x-www-form-urlencoded|
multipart/form-data)$"

Please check.

Regards,
Michael

-----------------------------------------------------------------------------------------------------------
KMB E-mail Disclaimer 

This e-mail may contain confidential, proprietary or legally privileged 
information and is intended for the attention and use of the 
addressee(s) only. If you are not the intended recipient of this 
message, you must not copy, use or disclose any part of its 
contents. Please notify the sender immediately and delete this 
message from your system. 

The KMB Group and each of its affiliates and the sender of this 
message shall not be responsible or liable for any errors or omissions
in the contents of this message as secure or error free e-mail 
transmission cannot be guaranteed. Information sent via e-mail 
could arrive late or contain viruses or be intercepted, corrupted, 
lost, destroyed, or incomplete. Unless otherwise stated, any 
information given in this message is indicative only and is subject to
our formal written confirmation.