Our coraza.conf-recommended file is including the following line:
SecRequestBodyNoFilesLimit 131072
As far as I can see, we are actually just reading the parameter, but we do not enforce any logic based on this (RequestBodyNoFilesLimit is not used anywhere else).
#895 proposes to add a comment line stating that it is currently not implemented.
Do we see value in this directive? Should we prioritize its implementation? For reference, the ModSecurity v3 support PR is the following: owasp-modsecurity/ModSecurity#2686. Are we considering another way to interpret/implement this directive?
On Tue, Apr 30, 2024 at 9:39 PM Barnoux ***@***.***> wrote:
From my point of view, the *SecRequestBodyNoFilesLimit* is useful if you
want to use coraza to do analysis on file upload.
Today if you want to analyse a file upload (for a file at 500MB as an
example) you have to set the directive: SecRequestBodyLimit 524288000
From the ModSecurity Handbook, having the SecRequestBodyNoFilesLimit as low as
practical is a good thing.
So every request that is not a "file" is restrained to the directive
SecRequestBodyNoFilesLimit
Does setting a reasonable limit with SecRequestBodyLimit help prevent
denial-of-service (DoS) attacks?
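As an added illustration of the semantics discussed in this thread (not Coraza's or ModSecurity's code), here is a Go sketch of how a no-files limit can be counted separately from the total body limit, so a large upload passes while oversized form fields or JSON bodies do not. `NonFileBytes`, `ErrNoFilesLimit` and `SampleBody` are hypothetical names, and the sketch assumes part headers and boundaries are not counted.

```go
package main

import (
	"errors"
	"fmt"
	"io"
	"mime"
	"mime/multipart"
	"strings"
)

var ErrNoFilesLimit = errors.New("non-file request body exceeds limit")

// NonFileBytes (hypothetical helper) counts body bytes that are not file uploads:
// all of a non-multipart body, or only the multipart parts without a filename.
func NonFileBytes(contentType string, body io.Reader, limit int64) (total int64, err error) {
	count := func(r io.Reader) error { // reads at most one byte past the limit
		n, err := io.Copy(io.Discard, io.LimitReader(r, limit-total+1))
		if total += n; err == nil && total > limit {
			err = ErrNoFilesLimit
		}
		return err
	}
	mediaType, params, perr := mime.ParseMediaType(contentType)
	if perr != nil || mediaType != "multipart/form-data" {
		err = count(body)
		return total, err
	}
	mr := multipart.NewReader(body, params["boundary"])
	for err == nil {
		var part *multipart.Part
		if part, err = mr.NextPart(); err == nil && part.FileName() == "" {
			err = count(part) // parts with a filename are uploads and are skipped
		}
	}
	if err == io.EOF {
		err = nil
	}
	return total, err
}

func SampleBody(fileSize int) string { // constructed sample: 5-byte field + one file
	const cd = "--X\r\nContent-Disposition: form-data; name="
	return cd + "\"comment\"\r\n\r\nhello\r\n" + cd + "\"upload\"; filename=\"big.bin\"\r\n\r\n" +
		strings.Repeat("A", fileSize) + "\r\n--X--\r\n"
}

func main() {
	r := strings.NewReader(SampleBody(1 << 20)) // 1 MiB file, limit from coraza.conf-recommended
	fmt.Println(NonFileBytes("multipart/form-data; boundary=X", r, 131072))
}
```

The total request size still has to be bounded separately (the role of SecRequestBodyLimit), since skipped file parts are read and discarded here without being counted.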