Re: [mod-security-users] Request Body Limit
Brought to you by:
victorhora,
zimmerletw
From: Ivan R. <iva...@gm...> - 2007-04-05 17:19:13
|
There's no one magic number for every installation. Why don't you configure a custom log to log the size of request bodies (mod_logio and %I), accumulate the information for a few days (as long as you can), and then extract your maximum request body size from there. On 4/5/07, Ian Lists <ian...@in...> wrote: > I'm having some issues where requests are erroring out because they are bigger then my configured values for SecRequestBodyLimit. I have tried increasing the limit several times but haven't found the magic number. Does anyone know a way in which I can determine the correct size to set for my environment? My setup is using Apache 2 .0 and mod_security2. My Webserver is basically just a proxy using Apache/Mod_Security and stunnel to get to an Internal WebServer. I have temporarily removed the mod_security module in order to keep the site working. Below are some of the logs I have been seeing. > > > > > > HTTP/1.1 413 Request Entity Too Large > Content-Length: 357 > Connection: close > Content-Type: text/html; charset=iso-8859-1 > > --e857fd39-H-- > Message: Request body is larger than the configured limit (531072). > Stopwatch: 1175699427520269 664 (- - -) > > > Request body is larger than the configured limit > > > Thanks, > Ian > > ------------------------------------------------------------------------- > Take Surveys. Earn Cash. Influence the Future of IT > Join SourceForge.net's Techsay panel and you'll get the chance to share your > opinions on IT & business topics through brief surveys-and earn cash > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > -- Ivan Ristic |