Uploaded image for project: 'Modules'
  1. Modules
  2. MODULES-10871

apache : Disable ModSecurity SecRule

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Normal
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: apache
    • Labels:
      None
    • Environment:

       

       

    • Template:
      MODULES Bug Template
    • QA Risk Assessment:
      Needs Assessment

      Description

      Basic Info
      Module Version: puppetlabs-apache (v5.5.0)
      Puppet Version: 5.5.10-4
      OS Name/Version: Debian 10 - buster

      Describe your issue in as much detail as possible...

      Desired Behavior:

      There should be an option to disable or entirely remove the following SecRule configured in modules/apache/templates/mod/security.conf.erb.

          SecRule MULTIPART_UNMATCHED_BOUNDARY "!@eq 0" \
       
            "id:'200003',phase:2,t:none,log,deny,status:44,msg:'Multipart parser detected a possible unmatched boundary.'"
      

      This will fix the problematic as mentioned on this Github issue: https://github.com/SpiderLabs/ModSecurity/pull/2193 .

      Actual Behavior:

      Puppet has this rule enabled by default in the template:

      modules/apache/templates/mod/security.conf.erb

      Creating a new file to add custom rules inside /etc/modsecurity will also get overwritten due to the settings configured in the following:

      modules/apache/templates/mod/security.conf.erb
      

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            CamZie Anna Camille Dela Cruz
            Votes:
            1 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:

                Zendesk Support