Mod Security Multipart request body failed strict validation error

When uploading images (or other files) to your website, you may see that there is an error within your site that is preventing your content from uploading. This will typically come as a 406 error, but sometimes may also come across as a HTTP error as it does in WordPress when uploading a disallowed image. Upon checking the server error logs, you may see something like the following:

[Mon Sep 22 13:13:14 2014] [error] [client 123.123.123.123] ModSecurity: Access denied with code 44 (phase 2). Match of “eq 0” against “MULTIPART_STRICT_ERROR” required. [file “/usr/local/apache/conf/modsec2.conf”] [line “15”] [id “1234123456”] [msg “Multipart request body failed strict validation: PE 0, BQ 0, BW 0, DB 0, DA 0, HF 0, LF 0, SM 0, IQ 1, IP 0, IH 0, FL 0”] [hostname “example.com”] [uri “wp-admin/async-upload.php”]

In this article, we will show you the cause of this error and how to resolve it.

How is this error caused?

This error is caused by mod_security blocking a potentially malicious upload. While it may be completely harmless, mod_security has no way of knowing if it is harmless or not.

Typically, the content in question is a file being uploaded which contains a special character such as a single or double quote within the file name which is often used by attackers to inject malicious scripts into websites.

How do I resolve the issue?

Simply put, rename the file to remove the offending special character from the file name.

If renaming the file is absolutely out of the question, you may disable mod_security using the cPanel Modsec Manager or if on a VPS or Dedicated server, contact Technical Support to have the rule disabled. This is, however, highly discouraged as it could open your site up to potential attack.

Thoughts on “Mod Security Multipart request body failed strict validation error

  • Maibe the file need to be reformat to a legal string. We have several cases with modsecurity that file contained an illegal size. For example a pdf that have to re-print to a new file using dinA4.

    Regards.

Leave a Reply