Messages

1

MySQL / Re: No have permissons to import

« on: August 08, 2015, 09:41:27 PM »

disabling rules can be done by using Mod Security in the CWP.admin

Hi, I got the same problem and disabling the rule by its ID using Mod Security did not work (of course I restarted apache service after modify mod secutiry). Only I can import using root account, but the others users can not import.

I got this log in mod security:

Code: [Select]

[Sat Aug 08 21:18:35 2015] [error] [client XX.XX.XX.XX] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "MULTIPART_UNMATCHED_BOUNDARY" required. [file "/usr/local/apache/modsecurity-crs/base_rules/modsecurity_crs_20_protocol_violations.conf"] [line "219"] [id "960915"] [rev "1"] [msg "Multipart parser detected a possible unmatched boundary."] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.9"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_REQ"] [tag "CAPEC-272"] [hostname "XX.XX.XX.XX"] [uri "/phpMyAdmin/import.php"] [unique_id "VcZyJX8AAAEAAEUhCg8AAAAC"]
And I added the ID "960915" on the file /usr/local/apache/conf/mod_sec_disabled_rules.conf:

Code: [Select]

SecRuleRemoveById 960915

Some any ideas?

Regards.