ModSecurity File Upload Error With SecRequestBodyNoFilesLimit - How to fix it ?









Are you facing ModSecurity File Upload Error With SecRequestBodyNoFilesLimit?

This guide will help you.


When the ModSecurity parameter SecRequestBodyNoFilesLimit has reached the limit, you will not be able to upload any files. As a result, it will throw some errors.

SecRequestBodyNoFilesLimit Sets the maximum request body size, excluding uploaded files.

Here at Ibmi Media, as part of our Server Management Services, we regularly help our Customers to resolve ModSecurity related errors.

In this context, we shall look into how to resolve this error message relating to ModSecurity.


How to resolve ModSecurity File Upload Error With SecRequestBodyNoFilesLimit ?

Recently, one of our customers approached us telling us that he was not able to upload files to the Plesk server. 

Here received the below error message when trying to upload the files:

Request Entity Too Large
The requested resource
/upload-a-file/
does not allow request data with POST requests, or the amount of data provided in the request exceeds the capacity limit.

Also, the following error was present in /var/www/vhosts/example.com/logs/error_log file:

[:error] [pid 21701] [client 2xx.0.1xx.2] ModSecurity: Request body no files data length is larger than the configured limit (1048576).. Deny with code (413) [hostname "www.example.com"] [uri "/wp-admin/admin-ajax.php"]

This happens when the WAF_SECREQUESTBODYNOFILESLIMIT parameter value reached its limit.

Now let us see how our Support Experts resolve this error message for our customer.

In order to resolve the error, we first, we log into the server via SSH.

Next, we open /etc/asl/config file. For that, we use the vi text editor.

Here, in the file, we increase the value for the WAF_SECREQUESTBODYNOFILESLIMIT directive, for example to the value as below:

WAF_SECREQUESTBODYNOFILESLIMIT "10000000"

Then we save the file and exit from it.

Finally, we execute the command below to update the rulesets:

# for i in daily weekly monthly; do /usr/local/psa/bin/sw-engine-pleskrun /usr/local/psa/admin/plib/DailyMaintainance/script.php -f UpdateModSecurityRuleSet --period "${i}"; done


[Need urgent assistance in fixing ModSecurity errors? – We are here to help you. ]

Conclusion

This article covers ModSecurity File Upload Error With SecRequestBodyNoFilesLimit error which happens when the ModSecurity parameter SecRequestBodyNoFilesLimit has reached the limit.

When this issue occurs, you will be Unable to upload file to the website: Request body no files data length is larger than the configured limit.

This error can occur when WAF_SECREQUESTBODYNOFILESLIMIT parameter value reached its limit.


Symptoms of ModSecurity File Upload Error:

1. Unable to upload a file to the website hosted in Plesk with the error:

413 Request entity too large

Request Entity Too Large

The requested resource

/upload-a-file/

does not allow request data with POST requests, or the amount of data provided in the request exceeds the capacity limit.

2. ModSecurity component is installed on the server.

3. The following error can be found in /var/www/vhosts/example.com/logs/error_log file:

[:error] [pid 21701] [client 203.0.112.2] ModSecurity: Request body no files data length is larger than the configured limit (1048576).. 

Deny with code (413) [hostname "www.example.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "Wakfj-fvNMmcLKLp-n8PjQAAAAE"]


Steps to resolve ModSecurity File Upload Error:

1. Log into the server via SSH.

2. Open /etc/asl/config file using the vi text editor.

3. Increase the value for the WAF_SECREQUESTBODYNOFILESLIMIT directive, for example to the value as below:

WAF_SECREQUESTBODYNOFILESLIMIT "10000000"

Note: it is specified in Bytes.

4. Execute the command below to update the rulesets:

for i in daily weekly monthly; do /usr/local/psa/bin/sw-engine-pleskrun /usr/local/psa/admin/plib/DailyMaintainance/script.php -f UpdateModSecurityRuleSet --period "${i}"; done

This way the change will remain persistent after any updates/rulesets changes.




Keep In Touch

We hope to hear from you.

Accept File Type: jpg,jpeg,png,txt,pdf,doc,docx