“Multipart parser detected a possible unmatched boundary. severity CRITICAL”
This is a challenging one:
I have a shared hosting plan (or rather, the client has) and was going to install CMS Made Simple which is all good. However, whenever I want to add a new page or update it through the CMS (hitting the submit button which submits a form) I would get a status code 403 (forbidden). I checked the access log and it shows that this seems to happen on POST requests only.
My hosting company told me they were seeing this error in the error log, output by the security module:
and told me that the data packets of my browser were not HTTP compliant. They also told me that they have deactivated the filter rule that triggers this error for now but that this error is not normal.
Multipart parser detected a possible unmatched boundary. severity CRITICAL
Now, my question would be: What could be the reason for this issue and how could I overcome it without being able to modify the server configuration or the CMS core? Is this a false positive, maybe, and they should modify the filter rule? Could this be caused by a browser plugin on my side (cookies, anyone?)?
The server has suPHP installed, by the way, and I have not modified any directory permissions, all directories are 755 and all files are 644.
Would be happy if anyone could spare an idea.
Edit: OK, I’ve found out that the CMS doesn’t support (or care about) mod_security and it could be some variable name or something that triggers the firewall. Is there any way to find out to which pattern mod_security is reacting?