Issue libpng warning: Interlace handling should be turned on when using png_read_image

[Azurel]

I'm not sure that a problem with plesk or centos.

CentOS Linux 7.5.1804 (Core)‬
Product Plesk Onyx Version 17.5.3 Update #48

I can upload every file, but <1% of files create a strange error:

<H1>Internal Server Error</H1>
The server encountered an internal error or misconfiguration and was unable to complete your request.
<P>Please contact the server administrator to inform of the time the error occurred and of anything you might have done that may have caused the error.
<P>More information about this error may be available in the server error log.<P>

and /var/log/plesk-php72-fpm/error.log:

WARNING: [pool domain.tld] child xxxx said into stderr: "libpng warning: Interlace handling should be turned on when using png_read_image"

Anyone a idea what this means and its here a solution?

# rpm -q libpng
libpng-1.5.13-7.el7_2.x86_64

EDIT:

The error is:

[:error] ModSecurity: Access denied with code 44 (phase 2). Match of "eq 0" against "MULTIPART_UNMATCHED_BOUNDARY" required. [file "/etc/httpd/conf.d/mod_security.conf"] [line "34"] [id "200003"] [msg "Multipart parser detected a possible unmatched boundary."] [hostname "www.example.com"] [uri "/myupload"] [unique_id "W...w"], referer: https://www.example.com/myupload
[http:error] AH01579: Invalid response status 44, referer: https://www.example.com/myupload

 

[IgorG]

Looks like old bug Bug 1121035 – libpng warning: Interlace handling should be turned on when using png_read_image but you have already libpng-1.5.13-7 version.
It is the system issue, not related to Plesk, I think.

 

[Azurel]

After last server update today i tested the upload again and get still 500er error code. But there was no entry in /var/log/plesk-php72-fpm/error.log so the "libpng warning" is gone or was before only a accident?

I have look in /var/log/httpd, /var/log/nginx, /var/log/plesk-php72-fpm but there was no updated error.log. Where can I still look?

 

[Azurel]

The error is

[:error] ModSecurity: Access denied with code 44 (phase 2). Match of "eq 0" against "MULTIPART_UNMATCHED_BOUNDARY" required. [file "/etc/httpd/conf.d/mod_security.conf"] [line "34"] [id "200003"] [msg "Multipart parser detected a possible unmatched boundary."] [hostname "www.example.com"] [uri "/myupload"] [unique_id "W...w"], referer: https://www.example.com/myupload
[http:error] AH01579: Invalid response status 44, referer: https://www.example.com/myupload

So the issue comes with ModSecurity. Any idea?

EDIT: Exactly my case with "--" as issue Rule MULTIPART_UNMATCHED_BOUNDARY, id:'200003' fails on valid multipart/form-data submission · Issue #652 · SpiderLabs/ModSecurity

I have modsecurity2.9.2-1.el7

EDIT2: Tools -> Web Application Firewall is "Off", so why its catch this error?

 

[Azurel]

Solution with disabled ModSecurity is Modsecurity module is loaded right after the installation in Plesk (working for me)

Solution with enabled ModSecurity is upgrade to version 3.x Added some documentation for multipart boundary check · SpiderLabs/ModSecurity@7def498