github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 19:24:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Changes the default configuration to mimic v2 behavior on multipart

Browse Source 
Further info on: #1747, #1924
This commit is contained in:
Felipe Zimmerle
2018-11-01 18:00:12 -03:00
parent 31c8d4c520
commit 9ada0a28c8
2 changed files with 7 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
modsecurity.conf-recommended
View File

@@ -114,10 +114,12 @@ FL %{MULTIPART_FILE_LIMIT_EXCEEDED}'"
# allowed.
#
SecRule MULTIPART_UNMATCHED_BOUNDARY "!@eq 0" \
"id:'200004',phase:2,t:none,log,deny,msg:'Multipart parser detected a possible unmatched boundary.'"
#SecRule MULTIPART_UNMATCHED_BOUNDARY "@eq 1" \
#"id:'200004',phase:2,t:none,log,deny,msg:'Multipart parser detected a possible unmatched boundary.'"
#
# See #1747 and #1924 for further information on the possible values for
# MULTIPART_UNMATCHED_BOUNDARY.
#
SecRule MULTIPART_UNMATCHED_BOUNDARY "@eq 1" \
"id:'200004',phase:2,t:none,log,deny,msg:'Multipart parser detected a possible unmatched boundary.'"
# PCRE Tuning