Hi All,
I recently had an issue with phpmyadmin installed via script.
All aspects of phpmyadmin worked correctly except for import a file which kept giving a 403 error message. This was due to SecRule MULTIPART_UNMATCHED_BOUNDARY which showed up in Apache error logs.
With mod_security2 you cannot use .htaccess files to set conditions to filter mod_security2's actions it will just stop apache2 from working.
After a lot of searching I found you have to create rules which for most part people added to apache2.conf files. This isn't always a good thing as altering those files can be problematic. However you can create whitelists.
Whitelists can be used to add rules etc for specific things, in my case for phpmyadmin which I use on a number of sites each one an individual install. This however required a catch all for all phpmyadmin examples on the server.
The way to do this is to create a whitelist file in /etc/modsecurity
You can call it whatever you wish as long as it ends in .conf .. the reason being that all .conf files in the folder are called by the mod_security apache2 plugin
Once done you can simply add the following rule
<Location "/phpmyadmin">
SecRuleRemoveById 200004
</Location>
This tells the module to remove the said rule by its ID number from all instances of phpmyadmin so allowing import to work.
This can be done for any other rule using its ID for any other program.
I hope this helps others who may run into a similar issue and struggle to find a solution.