ModSecurity:访问被拒绝,代码为 403(第 2 阶段)。使用 "multipart/form-data" 时
ModSecurity: Access denied with code 403 (phase 2). When using "multipart/form-data"
我正在尝试将图像上传到网络服务器。并收到Error:403。所以我检查了 Apache 日志,我在日志中有这个错误:
ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "MULTIPART_STRICT_ERROR" required. [file "/usr/local/cwaf/rules/13_HTTP_Protocol.conf"] [line "30"] [id "210240"] [rev "4"] [msg "COMODO WAF: Multipart request body failed strict validation: PE 0, BQ 1, BW 0, DB 0, DA 0, HF 0, LF 0, SM , IQ 0, IH 0, FLE 0||my_web_server.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "my_web_server.com"] [uri "/projects/BoLe/api/saveimage.php"] [unique_id "XDaxYXuIw@DonQukuLB6swAAAAs"]
根据 this site,我的请求有 MULTIPART_BOUNDARY_QUOTED 错误,我尝试 Google 它但我仍然不明白发生了什么。因此我使用 wireshark 来检查数据包
|%ÝrÜðÕ¿wëE%6@QÔ¬[ggféP3)¯W^P@)îù
POST /projects/BoLe/api/saveimage.php HTTP/1.1
Host: massmodules.com
Accept-Encoding: gzip, identity
Connection: Keep-Alive, TE
User-Agent: BestHTTP
Content-Type: multipart/form-data; boundary="8A317780"
Content-Length: 306
|%ÝrÜðÕ¿wëEZ%7@Q¬[ggféP3)°@^P@)õ`--8A317780
Content-Disposition: form-data; name="fileName"
Content-Type: text/plain; charset="utf-8"
Content-Length: 17
i_am_fileName.png
--8A317780
Content-Disposition: form-data; name="fileName2"
Content-Type: text/plain; charset="utf-8"
Content-Length: 18
i_am_fileName2.png
--8A317780--
有人可以帮我解决这个问题吗?
触发错误的规则是:
BQ %{MULTIPART_BOUNDARY_QUOTED}, \
这在错误消息中可见:
PE 0, BQ 1, BW 0, DB 0, DA 0, HF 0, LF 0, SM , IQ 0, IH 0, FLE 0
⬆⬆⬆⬆
问题是您在 content-type header
中有引号
Content-Type: text/plain; charset="utf-8"
⬆ ⬆
我正在尝试将图像上传到网络服务器。并收到Error:403。所以我检查了 Apache 日志,我在日志中有这个错误:
ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "MULTIPART_STRICT_ERROR" required. [file "/usr/local/cwaf/rules/13_HTTP_Protocol.conf"] [line "30"] [id "210240"] [rev "4"] [msg "COMODO WAF: Multipart request body failed strict validation: PE 0, BQ 1, BW 0, DB 0, DA 0, HF 0, LF 0, SM , IQ 0, IH 0, FLE 0||my_web_server.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "my_web_server.com"] [uri "/projects/BoLe/api/saveimage.php"] [unique_id "XDaxYXuIw@DonQukuLB6swAAAAs"]
根据 this site,我的请求有 MULTIPART_BOUNDARY_QUOTED 错误,我尝试 Google 它但我仍然不明白发生了什么。因此我使用 wireshark 来检查数据包
|%ÝrÜðÕ¿wëE%6@QÔ¬[ggféP3)¯W^P@)îù
POST /projects/BoLe/api/saveimage.php HTTP/1.1
Host: massmodules.com
Accept-Encoding: gzip, identity
Connection: Keep-Alive, TE
User-Agent: BestHTTP
Content-Type: multipart/form-data; boundary="8A317780"
Content-Length: 306
|%ÝrÜðÕ¿wëEZ%7@Q¬[ggféP3)°@^P@)õ`--8A317780
Content-Disposition: form-data; name="fileName"
Content-Type: text/plain; charset="utf-8"
Content-Length: 17
i_am_fileName.png
--8A317780
Content-Disposition: form-data; name="fileName2"
Content-Type: text/plain; charset="utf-8"
Content-Length: 18
i_am_fileName2.png
--8A317780--
有人可以帮我解决这个问题吗?
触发错误的规则是:
BQ %{MULTIPART_BOUNDARY_QUOTED}, \
这在错误消息中可见:
PE 0, BQ 1, BW 0, DB 0, DA 0, HF 0, LF 0, SM , IQ 0, IH 0, FLE 0
⬆⬆⬆⬆
问题是您在 content-type header
中有引号Content-Type: text/plain; charset="utf-8"
⬆ ⬆