|
From: Piotr K. <pio...@gm...> - 2011-06-29 13:24:32
|
On Tue, Jun 7, 2011 at 11:43, Piotr Koper <pio...@gm...> wrote: > Config: > > SecRuleEngine DetectionOnly > SecRequestBodyAccess On > SecRequestBodyLimit 10 > > Result with big POST: > > proxy host: > [Tue Jun 07 10:40:51 2011] [error] [client a.b.c.d] ModSecurity: Request > body (Content-Length) is larger than the configured limit (2048). [hostname > "test"] [uri "/test"] [unique_id "Te3kEwoNzNMAACBtAX0AAAAA"] > > Should be: [Tue Jun 07 10:40:51 2011] [error] [client a.b.c.d] ModSecurity: Request body (Content-Length) is larger than the configured limit (10). [hostname "test"] [uri "/test"] [unique_id "Te3kEwoNzNMAACBtAX0AAAAA"] > the request is then passed to the mod_proxy_balancer and to the another > host with but the application gets corrupted data - data is truncated to the > SecRequestBodyLimit. > > I've also tried setting "SecRuleEngine On" with "SecRequestBodyLimitAction > ProcessPartial" but the result is the same - proxied POST data is corrupted. > > Removing SecRuleEngine from the configuration couses proxying without any > problems. > Please, help. |
