[英]Apache error 500 on large file uploads (mod_security)
As far as I've tried, none of the usual solutions works for me.据我尝试,通常的解决方案都不适用于我。 Well, my problem, I'm receiving an 500 Error every time I upload a "large file" (600 KB ~), with smaller images it works fine.
好吧,我的问题,每次上传“大文件”(600 KB ~)时都会收到 500 错误,使用较小的图像可以正常工作。 So..., even with this (extreme) .htaccess file it keeps happening, and yes, .htaccess are active:
所以...,即使有这个(极端).htaccess 文件,它也会不断发生,是的,.htaccess 是活动的:
upload_max_filesize = 100M
post_max_size = 100M
memory_limit = 128M
max_input_time = 6000
max_execution_time = 6000
So, I take a look at the logs and find this (is only one line, just pasted it as easy to read with line jumps):因此,我查看了日志并发现了这一点(只有一行,只是将其粘贴为易于阅读的行跳转):
[Mon Jul 27 17:09:28.<port> 2015] [:error] [pid 21423] [client <ip>]
ModSecurity: Access denied with code 44 (phase 2).
Match of "eq 0" against "MULTIPART_UNMATCHED_BOUNDARY" required.
[file "/etc/httpd/conf.d/mod_security.conf"]
[line "35"] [id "<another id>"]
[msg "Multipart parser detected a possible unmatched boundary."]
[hostname "<my host>"] [uri "<my script>"] [unique_id "<id (useless I think)"]
But, now I not able to find how to edit the mod_security (it has the default config, and empty activated_rules) config in order (i think) to allow this "large" file uploads.但是,现在我无法找到如何编辑 mod_security(它具有默认配置和空的 activate_rules)配置以便(我认为)允许这个“大”文件上传。 I'm running PHP 5.3 in Apache 2.4/CentOS 7.
我在 Apache 2.4/CentOS 7 中运行 PHP 5.3。
The fact you have a ModSecurity alert
means that you can't have empty activated_rules folder or you are including the rules in some other way.您有
ModSecurity alert
的事实意味着您不能有空的 activate_rules 文件夹,或者您以其他方式包含规则。
There are known problems with ModSecurity for this error and it seems very susceptible to false positives. ModSecurity 存在针对此错误的已知问题,并且它似乎很容易出现误报。
The main advice when I rule is raising too many false positives is to just turn off that rule (I'm assuming it's rule 200003 that's firing but replace the id as appropriate):当我的规则引发太多误报时,主要建议是关闭该规则(我假设触发的是规则 200003,但要根据需要替换 id):
SecRuleRemoveById 200003
尝试检查 fcgi 配置中的 FcgidBusyTimeout 参数
I got the same error:我得到了同样的错误:
ModSecurity: Access denied with code 44 (phase 2). Match of "eq 0" against "MULTIPART_UNMATCHED_BOUNDARY" required. [file "/etc/httpd/conf.d/mod_security.conf"] [line "34"] [id "200003"] [msg "Multipart parser detected a possible unmatched boundary."]
But @nilpo answer was correct I got this issue due to the image name and after changing the name issue solved.但@nilpo 答案是正确的,由于图像名称和更改名称问题解决后,我遇到了这个问题。
But it's not something I want because I know the solution but my customer did't know that they have to change the name.但这不是我想要的,因为我知道解决方案,但我的客户不知道他们必须更改名称。
Rename the file you are attempting to upload.重命名您尝试上传的文件。 This error indicates the file name contains a character that is disallowed by mod_security.
此错误表示文件名包含 mod_security 不允许的字符。 Rename the file and then try uploading it again.
重命名文件,然后再次尝试上传。 By disabling the mentioned line in mod_security.conf, it will happily skip past this check but that leaves your server open to vulnerabilities.
通过禁用 mod_security.conf 中提到的行,它会很乐意跳过此检查,但这会使您的服务器容易受到漏洞的攻击。
all i am found SOLUTION!!!我找到了解决方案!!!
UBUNTU 16.04 + Apache (MY mod_secure WORK AND UPLOAD OK) UBUNTU 16.04 + Apache(我的 mod_secure 工作和上传正常)
0. apache a2enmod headers (activate headers and .htaccess) 0. apache a2enmod 头文件(激活头文件和 .htaccess)
1. CHECK .htaccess !!!!! 1. 检查 .htaccess !!!!!!
//in .htaccess //在.htaccess中
php_value upload_max_filesize 50M php_value upload_max_filesize 50M
php_value post_max_size 50M php_value post_max_size 50M
//if you want custom in .htaccess //如果你想自定义 .htaccess
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
sudo nano /etc/apache2/mods-enabled/security2.conf - last 2 lines i am comment sudo nano /etc/apache2/mods-enabled/security2.conf -最后两行我是评论
sudo nano /etc/modsecurity/modsecurity.conf - configuration mod_secure is easy sudo nano /etc/modsecurity/modsecurity.conf -配置 mod_secure 很容易
sudo nano /etc/apache2/apache2.conf - apache configuration CTRL+W sudo nano /etc/apache2/apache2.conf - apache 配置 CTRL+W
//on/off //开关
bash->a2dismod mod-security2 //off
or或者
bash->a2dismod security2 //off bash->a2enmod mod-security2 //on bash->a2enmod security2 //on
http://www.inmotionhosting.com/support/website/modsecurity/find-and-disable-specific-modsecurity-rules http://www.inmotionhosting.com/support/website/modsecurity/find-and-disable-specific-modsecurity-rules
SecRuleRemoveById 950004 in modsecurity.conf modsecurity.conf 中的 SecRuleRemoveById 950004
4. Byteconverter - http://whatsabyte.com/P1/byteconverter.htm 4. Byteconverter - http://whatsabyte.com/P1/byteconverter.htm
THIS IS ENOUGHT!!!!够了!!!!
4 hour!! 4小时!!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.