Changes the default configuration to mimic v2 behavior on multipart

Further info on: #1747, #1924
owasp-modsecurity · Nov 1, 2018 · 9ada0a2 · 9ada0a2
1 parent 31c8d4c
commit 9ada0a2
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 5 deletions.
diff --git a/CHANGES b/CHANGES
@@ -88,7 +88,7 @@ v3.0.3 - YYYY-MMM-DD (to be released)
  - Fixed LMDB collection errors
    [Issue #1787 - @airween, @zimmerle]
  - Fixed false positive MULTIPART_UNMATCHED_BOUNDARY errors
-   [Issue #1747 - @airween]
+   [Issue #1747, #1924 - @airween, @victorhora, @defanator, @zimmerle]
  - Fix ip tree lookup on netmask content
    [Issue #1793 - @tinselcity, @zimmerle]
  - Changes the behavior of the default sec actions

diff --git a/modsecurity.conf-recommended b/modsecurity.conf-recommended
@@ -114,10 +114,12 @@ FL %{MULTIPART_FILE_LIMIT_EXCEEDED}'"
 # allowed.
 #
 
-SecRule MULTIPART_UNMATCHED_BOUNDARY "!@eq 0" \
-"id:'200004',phase:2,t:none,log,deny,msg:'Multipart parser detected a possible unmatched boundary.'"
-#SecRule MULTIPART_UNMATCHED_BOUNDARY "@eq 1" \
-#"id:'200004',phase:2,t:none,log,deny,msg:'Multipart parser detected a possible unmatched boundary.'"
+#
+# See #1747 and #1924 for further information on the possible values for
+# MULTIPART_UNMATCHED_BOUNDARY.
+#
+SecRule MULTIPART_UNMATCHED_BOUNDARY "@eq 1" \
+    "id:'200004',phase:2,t:none,log,deny,msg:'Multipart parser detected a possible unmatched boundary.'"
 
 
 # PCRE Tuning