mod-security-users

[mod-security-users] MTOM

[Eric J. B. <eri...@gr...>]

Greetings.

Has there been any work done for MTOM through ModSecurity? Currently, the
ModSecurity WAF must be disabled for any services running MTOM due to a
conflict with line 44 of the modsecurityon configuration file. Line 44
refers to blocking requests above a certain size.

NGINX support has told me that ModSecurity does not support. They offer no
further insight other than directing me to this forum.

Any help is appreciated! Thank you.

Re: [mod-security-users] MTOM

[Victor H. <vic...@gm...>]

I think this might be a limitation with libXML itself rather than
ModSecurity. See :

https://github.com/SpiderLabs/ModSecurity/issues/435#issuecomment-26547619
https://github.com/SpiderLabs/ModSecurity/issues/902

If this is still an issue you may consider following up on #902 with the
results of your testing there.

On Thu, Jul 19, 2018 at 4:16 PM Eric J. Bielski <eri...@gr...>
wrote:

> Greetings.
>
> Has there been any work done for MTOM through ModSecurity? Currently, the
> ModSecurity WAF must be disabled for any services running MTOM due to a
> conflict with line 44 of the modsecurityon configuration file. Line 44
> refers to blocking requests above a certain size.
>
> NGINX support has told me that ModSecurity does not support. They offer no
> further insight other than directing me to this forum.
>
> Any help is appreciated! Thank you.
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> mod-security-users mailing list
> mod...@li...
> https://lists.sourceforge.net/lists/listinfo/mod-security-users
> Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
> http://www.modsecurity.org/projects/commercial/rules/
> http://www.modsecurity.org/projects/commercial/support/
>


-- 
-
Victor Ribeiro Hora