大文件上传时出现 Apache 错误 500 (mod_security)

Question

As far as I've tried, none of the usual solutions works for me. Well, my problem, I'm receiving an 500 Error every time I upload a "large file" (600 KB ~), with smaller images it works fine. So..., even with this (extreme) .htaccess file it keeps happening, and yes, .htaccess are active:

upload_max_filesize = 100M
post_max_size = 100M
memory_limit = 128M
max_input_time = 6000
max_execution_time = 6000

So, I take a look at the logs and find this (is only one line, just pasted it as easy to read with line jumps):

[Mon Jul 27 17:09:28.<port> 2015] [:error] [pid 21423] [client <ip>]    
ModSecurity: Access denied with code 44 (phase 2). 
Match of "eq 0" against "MULTIPART_UNMATCHED_BOUNDARY" required. 
[file "/etc/httpd/conf.d/mod_security.conf"] 
[line "35"] [id "<another id>"] 
[msg "Multipart parser detected a possible unmatched boundary."] 
[hostname "<my host>"] [uri "<my script>"] [unique_id "<id (useless I think)"]

But, now I not able to find how to edit the mod_security (it has the default config, and empty activated_rules) config in order (i think) to allow this "large" file uploads. I'm running PHP 5.3 in Apache 2.4/CentOS 7.

Answer 1

The fact you have a ModSecurity alert means that you can't have empty activated_rules folder or you are including the rules in some other way.

There are known problems with ModSecurity for this error and it seems very susceptible to false positives.

The main advice when I rule is raising too many false positives is to just turn off that rule (I'm assuming it's rule 200003 that's firing but replace the id as appropriate):

SecRuleRemoveById 200003

Answer 2

尝试检查 fcgi 配置中的 FcgidBusyTimeout 参数

Answer 3

I got the same error:

ModSecurity: Access denied with code 44 (phase 2). Match of "eq 0" against "MULTIPART_UNMATCHED_BOUNDARY" required. [file "/etc/httpd/conf.d/mod_security.conf"] [line "34"] [id "200003"] [msg "Multipart parser detected a possible unmatched boundary."] 

But @nilpo answer was correct I got this issue due to the image name and after changing the name issue solved.

But it's not something I want because I know the solution but my customer did't know that they have to change the name.

Answer 4

Rename the file you are attempting to upload. This error indicates the file name contains a character that is disallowed by mod_security. Rename the file and then try uploading it again. By disabling the mentioned line in mod_security.conf, it will happily skip past this check but that leaves your server open to vulnerabilities.

Answer 5

all i am found SOLUTION!!!

UBUNTU 16.04 + Apache (MY mod_secure WORK AND UPLOAD OK)

0. apache a2enmod headers (activate headers and .htaccess)

1. CHECK .htaccess !!!!!

//in .htaccess

php_value upload_max_filesize 50M

php_value post_max_size 50M

//if you want custom in .htaccess

<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>

2. https://www.maketecheasier.com/securing-apache-ubuntu/ instruction for commands

sudo nano /etc/apache2/mods-enabled/security2.conf - last 2 lines i am comment

sudo nano /etc/modsecurity/modsecurity.conf - configuration mod_secure is easy

sudo nano /etc/apache2/apache2.conf - apache configuration CTRL+W

//on/off

bash->a2dismod mod-security2 //off

or

bash->a2dismod security2 //off bash->a2enmod mod-security2 //on bash->a2enmod security2 //on

3. If you want you can remove specific rules:

http://www.inmotionhosting.com/support/website/modsecurity/find-and-disable-specific-modsecurity-rules

SecRuleRemoveById 950004 in modsecurity.conf

4. Byteconverter - http://whatsabyte.com/P1/byteconverter.htm

THIS IS ENOUGHT!!!!

4 hour!!