Re: [mod-security-users] SecRequestBodyLimit don't work inside <Directory>
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] SecRequestBodyLimit don't work inside <Directory>
|
From: Reindl H. <h.r...@th...> - 2014-11-03 21:32:33
|
Am 03.11.2014 um 22:18 schrieb Ryan Barnett: > While this doesn't address the exact bug/issue you are encountering, most > of these types of configuration and policy changes can be achieved by > using normal SecRules with "ctl" actions vs. using Apache-specific scoping > directives. > > Something like this would achieve the same effect as placing the > SecRequestBodyLimit directive nested inside Apache Vhost and Directory > containers - > > SecRule REQUEST_HEADERS:host "@streq www.foo.com" "chain,id:1,pass,nolog" > SecRule REQUEST_FILENAME "@contains /path/to/directory" > "ctl:requestBodyLimit=419430400" yes, but the real problem is that normally "apachectl -t" is supposed to raise an error if someone is using a directive in a non-supported context - that's important to make sure coniguration is used currently it's even not clear if the behavior is intentional and what possible other settings are silently ignored within vhost configs > On 11/3/14 11:13 AM, "Reindl Harald" <h.r...@th...> wrote: > >> modsec 2.0 / httpd 2.4.10 >> >> is it intentional that given you have a global default of 157286400 you >> need to put "SecRequestBodyLimit" directly inside the vhost instead in >> the <Directory> directive inside the vhost definition? >> >> also a <Location /> inside the vhost don't work where at least some >> years ago we used for sure <LocationMatch> to raise the limit only for a >> specific script instead the whole vhost >> ________________________________________________ >> >> <Vhost> >> <Directory> >> *php settings* >> <IfModule mod_security2.c> >> SecRequestBodyLimit 419430400 >> </IfModule> >> </Directory> >> </Vhost> >> >> Request body (Content-Length) is larger than the configured limit >> (157286400) >> ________________________________________________ >> >> <Vhost> >> <Directory> >> *php settings* >> </Directory> >> <IfModule mod_security2.c> >> SecRequestBodyLimit 419430400 >> </IfModule> >> </Vhost> >> >> works fine |
