Changes the default configuration to mimic v2 behavior on multipart

Further info on: #1747, #1924
2025-08-13 21:36:00 +03:00 · 2018-11-01 18:00:12 -03:00 · 2018-11-01 18:00:12 -03:00 · 9ada0a28c8
commit 9ada0a28c8
parent 31c8d4c520
2 changed files with 7 additions and 5 deletions
--- a/2
+++ b/2
@ -88,7 +88,7 @@ v3.0.3 - YYYY-MMM-DD (to be released)
 - Fixed LMDB collection errors
   [Issue #1787 - @airween, @zimmerle]
 - Fixed false positive MULTIPART_UNMATCHED_BOUNDARY errors
-   [Issue #1747 - @airween]
+   [Issue #1747, #1924 - @airween, @victorhora, @defanator, @zimmerle]
 - Fix ip tree lookup on netmask content
   [Issue #1793 - @tinselcity, @zimmerle]
 - Changes the behavior of the default sec actions
--- a/modsecurity.conf-recommended
+++ b/modsecurity.conf-recommended
@ -114,10 +114,12 @@ FL %{MULTIPART_FILE_LIMIT_EXCEEDED}'"
 # allowed.
 #

-SecRule MULTIPART_UNMATCHED_BOUNDARY "!@eq 0" \
-"id:'200004',phase:2,t:none,log,deny,msg:'Multipart parser detected a possible unmatched boundary.'"
-#SecRule MULTIPART_UNMATCHED_BOUNDARY "@eq 1" \
-#"id:'200004',phase:2,t:none,log,deny,msg:'Multipart parser detected a possible unmatched boundary.'"
+#
+# See #1747 and #1924 for further information on the possible values for
+# MULTIPART_UNMATCHED_BOUNDARY.
+#
+SecRule MULTIPART_UNMATCHED_BOUNDARY "@eq 1" \
+    "id:'200004',phase:2,t:none,log,deny,msg:'Multipart parser detected a possible unmatched boundary.'"


 # PCRE Tuning