Re: [mod-security-users] mod_security-message: Invalid multipart/form-data

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Thai Duong wrote:
> Hi guys,
> 
> When I turned SecFilterScanPOST on and tried to send an email with 
> SquirrelMail, mod-sec reported that error.

   Just that? What is the exact error message you get? Make a test
   with debug logging enabled on level 9 - there may be additional
   messages in the debug log. However, fatal errors are all logged
   to the Apache error log.

> As fas as I know, this error 
> occured due to the fact that SquirrelMail (and many other webmail apps) 
> compose-form has "multipart/form-data" as request encoding even if you 
> dont attach files with your email. When mod-sec sees 
> "multipart/form-data", it expects to see the long POST_PAYLOAD 
> containing the attachments, and ends up with that error when there is no 
> attachment.

   No, that's not the problem. It's something else. Are you using
   a recent version of mod_security?

   I suspect file permissions, but you should find out for sure from
   the debug log.

-- 
Ivan Ristic
Apache Security (O'Reilly) - http://www.apachesecurity.net
Open source web application firewall - http://www.modsecurity.org