Re: [mod-security-users] Problems with phpMyAdmin and mod_security

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi,

Re your response from 9/1/2006, this also affects ASP.NET when in
proxy mode, as the VIEWSTATE variable can be 4096 characters at times.

can this be made a configurable option?

i understand the need to limit this, to prevent new bof attacks
against web servers etc, but it would be nice to know exactly what
having a 8096 byte buffer does to the rest of the mod_security
internals.

Alex

------------

Gerwin Krist -|- Digitalus Webhosting wrote:
Heya,

Customers of us using phpmyadmin are getting a 406 error, the log file says=
:

Error processing request body: Multipart: part header line over 1024 bytes
long

No clue what this mean, anyone?

  The size of multipart/form-data part headers is limited. These headers
  are normally very simple so I find it very unusual the limit has been
  triggered. You can change this limit yourself by editing the line that
  says:

  #define MULTIPART_BUF_SIZE              1024

  To make sure it is not a bug of some kind, please increase the
  limit to 4096 and record one request using the audit log.

  Thanks!

--
Ivan Ristic, Technical Director
Thinking Stone, http://www.thinkingstone.com
Tel: +44 20 8141 2161, Fax: +44 87 0762 3934