"request entity too large message" when connecting to an apache server with ModSecurity

[korsani]

Hi,
I have a standalone wordpress installation self-hosted by lws (​https://www.lws.fr/). I almost can't touch the apache' conf.
When I connect to it with the iPhone wordpress client, it returns me "HTTP/1.1 413 Request Entity Too Large"
Here is what says error.logs :
[Tue May 31 01:38:21 2011] [error] [client 82.230.17.116] ModSecurity?: Access denied with code 413 (phase 2). Match of "rx ^{0$" against "REQUEST_HEADERS:Content-Length" required. [file "/etc/apache2/modsecurity/rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "83"] [id "960904"] [rev "2.1.2"] [msg "Request Containing Content, but Missing Content-Type header"] [severity "NOTICE"] [hostname "www.malungos-paris.com"] [uri "/blog/wp-login.php"] [unique_id "foo"]
[Tue May 31 01:38:41 2011] [error] [client 82.230.17.116] ModSecurity?: Access denied with code 413 (phase 2). Match of "rx} 0$" against "REQUEST_HEADERS:Content-Length" required. [file "/etc/apache2/modsecurity/rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "83"] [id "960904"] [rev "2.1.2"] [msg "Request Containing Content, but Missing Content-Type header"] [severity "NOTICE"] [hostname "www.malungos-paris.com"] [uri "/blog/xmlrpc.php"] [unique_id "foo"]
I have an other standalone wordpress installation, but not hosted : I own it, I have full power on apache' conf, and I don't have this error (and ModSecurity? is not installed ;) ).

I put the priority of this bug to 'blocker', as I can't use the iPhone client to update the blog ...

[koke]

(In [2124]) Set Content-Length for requests with POST data. Fixes #876 (should fix it)

[koke]

Last commit should probably fix it, although looking at the log, we only hit wp-login.php on post preview, and all calls to xmlrpc.php were already using content-length.