• Hi, Pleskians! We are running a UX testing of our upcoming product intended for server management and monitoring.
    We would like to invite you to have a call with us and have some fun checking our prototype. The agenda is pretty simple - we bring new design and some scenarios that you need to walk through and succeed. We will be watching and taking insights for further development of the design.
    If you would like to participate, please use this link to book a meeting. We will sent the link to the clickable prototype at the meeting.
  • Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Resolved modsecurity POST failure with 413 Request Entity too large?

raytracy

Basic Pleskian
My modsecurity has blocked some normal POST and logged with:

--9673be0a-F--
HTTP/1.1 413 Request Entity Too Large
Content-Length: 373
Connection: close
Content-Type: text/html; charset=iso-8859-1

--9673be0a-H--
Message: Request body no files data length is larger than the configured limit (1048576).. Deny with
code (413)


Is there any way to increase the modsecurity POST limit from 1048576 to more?
 
Hi raytracy,

when switching on "Web Application Firewall ( ModSecurity )" with a pre-defined rule-set, you are still able to customize your own, unique rules, which can overwrite existent ones. Pls. follow for example The "Atomic Wiki" at



Note:
The initial, default "SecRequestBodyLimit" setting is defined with a liberal 128 MB ( = 134217728 byte ) - limit.

The initial, default "SecRequestBodyNoFilesLimit" setting is defined with a liberal 1 MB ( = 1048576 byte ) - limit.
Actually, it is NOT recommended to raise this limit... it is rather documented by most server provider to REDUCE this limit to for example 131072 byte ( 128 KB ! ), due to the fact that this setting should be as low as possible/pratical.

For a unique ( not recommended !!! ) 512 MB - limit at "SecRequestBodyLimit" use:
Code:
SecRequestBodyLimit 536870912

For a unique ( not recommended !!! ) 10 MB - limit at "SecRequestBodyNoFilesLimit" use:
Code:
SecRequestBodyNoFilesLimit 10485760

Important note:
Be aware, that there is a HARD LIMIT of 1 GB for "SecRequestBodyLimit", which can't be overwritten!
Be aware, that there is a HARD LIMIT of 1 GB for "SecRequestBodyNoFilesLimit", which can't be overwritten!
Note as well, that IF you customize rules, you do this on your very own risk and without the support from Plesk, or the vendor support from the pre-defined rule-set provider!

Pls. consider as well to read the official documentation at => https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual for further informations!​
 
Hi raytracy,

when switching on "Web Application Firewall ( ModSecurity )" with a pre-defined rule-set, you are still able to customize your own, unique rules, which can overwrite existent ones. Pls. follow for example The "Atomic Wiki" at



Note:
The initial, default "SecRequestBodyLimit" setting is defined with a liberal 128 MB ( = 134217728 byte ) - limit.

The initial, default "SecRequestBodyNoFilesLimit" setting is defined with a liberal 1 MB ( = 1048576 byte ) - limit.
Actually, it is NOT recommended to raise this limit... it is rather documented by most server provider to REDUCE this limit to for example 131072 byte ( 128 KB ! ), due to the fact that this setting should be as low as possible/pratical.

For a unique ( not recommended !!! ) 512 MB - limit at "SecRequestBodyLimit" use:
Code:
SecRequestBodyLimit 536870912
For a unique ( not recommended !!! ) 10 MB - limit at "SecRequestBodyNoFilesLimit" use:
Code:
SecRequestBodyNoFilesLimit 10485760

Important note:
Be aware, that there is a HARD LIMIT of 1 GB for "SecRequestBodyLimit", which can't be overwritten!
Be aware, that there is a HARD LIMIT of 1 GB for "SecRequestBodyNoFilesLimit", which can't be overwritten!
Note as well, that IF you customize rules, you do this on your very own risk and without the support from Plesk, or the vendor support from the pre-defined rule-set provider!

Pls. consider as well to read the official documentation at => https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual for further informations!​

It is valuable info for me!! I will tune it carefully.

By the way, where is the correct config file that I should add these directives?
I have found some in /etc/httpd/conf/plesk.conf.d/server.conf:

<IfModule mod_security2.c>
SecRuleEngine On
SecRequestBodyAccess On
SecRequestBodyLimit 134217728
SecResponseBodyAccess On
SecResponseBodyLimit 524288
SecAuditEngine RelevantOnly
SecAuditLog "/var/log/modsec_audit.log"
SecAuditLogType serial
SecRuleRemoveById "340149,340162,350147,340159"
Include "/etc/httpd/conf/plesk.conf.d/modsecurity.conf"
</IfModule>


But it looks like that will be modified by Plesk and wipe out my customization?
 
But it looks like that will be modified by Plesk and wipe out my customization?
... correct... that's why I linked to the wiki - page, where is it very well described, how you setup YOUR OWN modifications. ;)

Quoted from the Wiki - page of Atomicorp:
Installing custom rules
Step 1) Create your custom rules directory:


mkdir /etc/httpd/modsecurity.custom.d
....
....
 
Back
Top