Re: protecting against exploiting mail forms

To: debian-isp@lists.debian.org
Subject: Re: protecting against exploiting mail forms
From: Marek Podmaka <marki@onee.sk>
Date: Wed, 23 Nov 2005 11:03:20 +0100
Message-id: <[🔎] 601267854.20051123110320@onee.sk>
Reply-to: Marek Podmaka <marki@onee.sk>
In-reply-to: <[🔎] 438429F0.3070106@stroobant.be>
References: <[🔎] 1425852874.20051119121720@onee.sk> <[🔎] 437F6FCF.4010109@stroobant.be> <[🔎] 1741166728.20051123003847@onee.sk> <[🔎] 438429F0.3070106@stroobant.be>

Hello Luc,

Wednesday, November 23, 2005, 9:36:00, Luc Stroobant wrote:

>> Error: chunked Transfer-Encoding forbidden: /chat/f_upload.php
>> mod_security-message: Access denied with code 500. ap_setup_client_block failed with 411

LS> Probably this one:
LS> <http://www.modsecurity.org/documentation/modsecurity-apache-manual-1.9.html#N101B4>

  Thanks, I have read this also before, but I don't understand what's
  going on... It's apache/php saying it doesn't support chunked
  request or mod_security is denying it? If it is, how can it be
  disabled?

  For now I'm trying this workaround:
SetEnvIfNoCase Content-Type \
"^multipart/form-data;" "MODSEC_NOPOSTBUFFERING=Do not buffer file uploads"  

-- 
  bYE, Marki

Reply to:

References:
- protecting against exploiting mail forms
  - From: Marek Podmaka <marki@onee.sk>
- Re: protecting against exploiting mail forms
  - From: Luc Stroobant <debian@stroobant.be>
- Re: protecting against exploiting mail forms
  - From: Marek Podmaka <marki@onee.sk>
- Re: protecting against exploiting mail forms
  - From: Luc Stroobant <debian@stroobant.be>

Prev by Date: Re: postfix filename reject
Next by Date: FC Hardware
Previous by thread: Re: protecting against exploiting mail forms
Next by thread: Re: protecting against exploiting mail forms
Index(es):
- Date
- Thread