Question

我正在尝试将图像上传到Web服务器。并收到错误：403。所以我检查了Apache日志，日志中有这个错误：

ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "MULTIPART_STRICT_ERROR" required. [file "/usr/local/cwaf/rules/13_HTTP_Protocol.conf"] [line "30"] [id "210240"] [rev "4"] [msg "COMODO WAF: Multipart request body failed strict validation: PE 0, BQ 1, BW 0, DB 0, DA 0, HF 0, LF 0, SM , IQ 0, IH 0, FLE 0||my_web_server.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "my_web_server.com"] [uri "/projects/BoLe/api/saveimage.php"] [unique_id "XDaxYXuIw@DonQukuLB6swAAAAs"]

根据this site，我的请求有MULTIPART_BOUNDARY_QUOTED错误，我尝试使用Google进行搜索，但我仍然不知道发生了什么。因此，我使用wireshark检查数据包

|%ÝrÜðÕ¿wëE%6@QÔ¬[ggféP3)¯W^P@)îù
POST /projects/BoLe/api/saveimage.php HTTP/1.1
Host: massmodules.com
Accept-Encoding: gzip, identity
Connection: Keep-Alive, TE
User-Agent: BestHTTP
Content-Type: multipart/form-data; boundary="8A317780"
Content-Length: 306

|%ÝrÜðÕ¿wëEZ%7@Q¬[ggféP3)°@^P@)õ`--8A317780
Content-Disposition: form-data; name="fileName"
Content-Type: text/plain; charset="utf-8"
Content-Length: 17

i_am_fileName.png
--8A317780
Content-Disposition: form-data; name="fileName2"
Content-Type: text/plain; charset="utf-8"
Content-Length: 18

i_am_fileName2.png
--8A317780--

有人可以帮我解决这个问题吗？

Answer 1

触发错误的规则是这样的：

BQ %{MULTIPART_BOUNDARY_QUOTED}, \

这在错误消息中可见：

PE 0, BQ 1, BW 0, DB 0, DA 0, HF 0, LF 0, SM , IQ 0, IH 0, FLE 0
      ⬆⬆⬆⬆

问题在于内容类型标题中有引号

Content-Type: text/plain; charset="utf-8"
                                  ⬆     ⬆

ModSecurity：使用代码403（阶段2）拒绝访问。使用“ multipart / form-data”时

1 个答案: