Resolved Plesk Obsidian Version 18.0.56 Update #4 on Ubuntu 22.04.3 LTS ModSecurity upload error on WordPress

[copec]

Server operating system version

Ubuntu 22.04.3 LTS

Plesk version and microupdate number

Plesk Obsidian Version 18.0.56 Update #4

I'm getting an error:

ModSecurity: Request body (Content-Length) is larger than the configured limit (134217728)

when a customer tries to upload a file larger than that respective limit in the WordPress control panel.

This customer wants to upload short videos in their WordPress instance, and needs a 1GB limit, so that's the limit I've targeted in setting nginx client_max_body_size, apache2 FcgidMaxRequestLen under /opt/psa/admin/conf/templates/default/ as well as LimitRequestBody and SecResponseBodyLimit; I've also set the limits in PHP. I've regenerated all the configs and even recursively grep'd the entire server for 134217728, but I don't know where it is coming from.

I have applied the following and had a second set of eyes check it out for me too:

https://support.plesk.com/hc/en-us/articles/12376956284695

https://support.plesk.com/hc/en-us/articles/12388040127383

https://support.plesk.com/hc/en-us/articles/12377887232023-Cannot-set-up-client-max-body-size-for-nginx-in-Plesk-emerg-client-max-body-size-directive-is-duplicate

Anybody know where this limit is coming from?

 

[copec]

Okay, I knew posting a question would make me look at something and figure it out!

You want to set SecRequestBodyLimit for uploads, not SecResponseBodyLimit

I'll put this here for posterity:

LimitRequestBody 1073741824
<IfModule mod_security2.c>
    SecResponseBodyLimit 1073741824
    SecRequestBodyLimit 1073741824
</IfModule>