search

acouvreur / traefik-modsecurity-plugin

Traefik plugin to proxy requests to owasp/modsecurity-crs:apache container
https://plugins.traefik.io/plugins/628c9eadffc0cd18356a9799/modsecurity-plugin
Apache License 2.0
142 stars 25 forks source link

"body max limit reached: http: request body too large" since 1.2.0 #9

Closed igoooor closed 2 years ago

igoooor commented 2 years ago

Hello,

Since I updated to 1.2.0, a simple post request (not uploading files) gives this error message: body max limit reached: http: request body too large

Reverting to 1.1.0 fixes the problem.

igoooor commented 2 years ago

ah, I just found out it is the new configuration

igoooor commented 2 years ago

Is it be possible that the default 10Mb is somehow smaller than 10Mb? Because it was really a simple post request (just submitting a login form) and I got the message above, with the default maxBodySize

Enrico204 commented 2 years ago

It should not, there is a test in the configuration and the max is configured here: https://github.com/acouvreur/traefik-modsecurity-plugin/blob/bf893e0295e9d6b71f768bdfc1271cf28e07ac77/modsecurity.go#L51

You may check the POST size using the Firefox/Chrome development toolbar. If it's bigger than 10MB, then you can tune the maxBodySize parameter.

If it's smaller, then we may indeed have a bug :-)

igoooor commented 2 years ago

I will test v1.2.0 more during the night (CET)

igoooor commented 2 years ago

so could #10 be the cause of my problems here?

acouvreur commented 2 years ago

so could #10 be the cause of my problems here?

I think it is