ModSecurity: Access denied with code 403 (phase 2). When using "multipart/form-data"

Question

I am trying to upload image to web server. And receive Error:403. So I check the Apache log, I have this error in log:

ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "MULTIPART_STRICT_ERROR" required. [file "/usr/local/cwaf/rules/13_HTTP_Protocol.conf"] [line "30"] [id "210240"] [rev "4"] [msg "COMODO WAF: Multipart request body failed strict validation: PE 0, BQ 1, BW 0, DB 0, DA 0, HF 0, LF 0, SM , IQ 0, IH 0, FLE 0||my_web_server.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "my_web_server.com"] [uri "/projects/BoLe/api/saveimage.php"] [unique_id "XDaxYXuIw@DonQukuLB6swAAAAs"]

According to this site my requests have MULTIPART_BOUNDARY_QUOTED error and I tried to Google it and I still don't understand what is happening. Therefore I used wireshark to check the packet

|%ÝrÜðÕ¿wëE%6@QÔ¬[ggféP3)¯W^P@)îù
POST /projects/BoLe/api/saveimage.php HTTP/1.1
Host: massmodules.com
Accept-Encoding: gzip, identity
Connection: Keep-Alive, TE
User-Agent: BestHTTP
Content-Type: multipart/form-data; boundary="8A317780"
Content-Length: 306

|%ÝrÜðÕ¿wëEZ%7@Q¬[ggféP3)°@^P@)õ`--8A317780
Content-Disposition: form-data; name="fileName"
Content-Type: text/plain; charset="utf-8"
Content-Length: 17

i_am_fileName.png
--8A317780
Content-Disposition: form-data; name="fileName2"
Content-Type: text/plain; charset="utf-8"
Content-Length: 18

i_am_fileName2.png
--8A317780--

Could someone help me solve this problem?

Answer 1

The rule that triggered the error is this one:

BQ %{MULTIPART_BOUNDARY_QUOTED}, \

This is visible in the error message:

PE 0, BQ 1, BW 0, DB 0, DA 0, HF 0, LF 0, SM , IQ 0, IH 0, FLE 0
      ⬆⬆⬆⬆

The issue is that you have quotes in the content-type header

Content-Type: text/plain; charset="utf-8"
                                  ⬆     ⬆