Explore information related to modsecurity error

ModSecurity File Upload Error With SecRequestBodyNoFilesLimit

This article covers ModSecurity File Upload Error With SecRequestBodyNoFilesLimit error which happens when the ModSecurity parameter SecRequestBodyNoFilesLimit has reached the limit.

When this issue occurs, you will be Unable to upload file to the website: Request body no files data length is larger than the configured limit.

This error can occur when WAF_SECREQUESTBODYNOFILESLIMIT parameter value reached its limit.

Symptoms of ModSecurity File Upload Error:

1. Unable to upload a file to the website hosted in Plesk with the error:

413 Request entity too large

Request Entity Too Large

The requested resource


does not allow request data with POST requests, or the amount of data provided in the request exceeds the capacity limit.

2. ModSecurity component is installed on the server.

3. The following error can be found in /var/www/vhosts/example.com/logs/error_log file:

[:error] [pid 21701] [client] ModSecurity: Request body no files data length is larger than the configured limit (1048576).. 

Deny with code (413) [hostname "www.example.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "Wakfj-fvNMmcLKLp-n8PjQAAAAE"]

Steps to resolve ModSecurity File Upload Error:

1. Log into the server via SSH.

2. Open /etc/asl/config file using the vi text editor.

3. Increase the value for the WAF_SECREQUESTBODYNOFILESLIMIT directive, for example to the value as below:


Note: it is specified in Bytes.

4. Execute the command below to update the rulesets:

for i in daily weekly monthly; do /usr/local/psa/bin/sw-engine-pleskrun /usr/local/psa/admin/plib/DailyMaintainance/script.php -f UpdateModSecurityRuleSet --period "${i}"; done

This way the change will remain persistent after any updates/rulesets changes.

Read More

ModSecurity failed to open the audit log file error

This article will guide you on methods to resolve the error 'ModSecurity failed to open the audit log file' which occur as a result of a missing log files or due to improper permissions.

1. Setting ownership to www-data:www-data and file permissions from 600 to 660 will fix this problem.

2. Ensure that the permissions are properly configured on these files.

Execute the command below:

chmod 0644 /etc/apache2/logs/error_log

chmod 0600 /etc/apache2/logs/modsec_audit.log

The modsec log files are assigned 0600 permissions by default, whereas the error_log is assigned 0644 permissions by default.

3. mkdir permission denied signifies that the user you're running the mkdir as, doesn't have permissions to create new directory in the location you specified. 

You should use ls command on the higher level directory to confirm permissions.

4. The mkdir command by default gives rwx permissions for the current user only. To add read, write, and execute permission for all users, add the -m option with the user 777 when creating a directory.

Read More

Disable ModSecurity for a domain

This article will guide you on how to disable Mod_Security for a specific domain. Basically, ConfigServer #Modsecurity Control allows us to disable the #rules that are blocking access to a specific #domain.

1. Mod_security module helps to protect your website from various #attacks. 

2. ModSecurity is an open-source web-based firewall application (or #WAF) supported by different web servers: Apache, Nginx and IIS. The module is configured to protect web #applications from various attacks.

3. If mod-security is disabled on your account, your website will be at risk from vulnerabilities.

4. To disable modsecurity, all we need to do is remove/rename that file and restart apache. Remove the include line loading mod_security (or more likely mod_security2) from your Apache config.

Read More

How to fix ModSecurity Error Failed deleting collection

This article will show you exactly what we did to fix ModSecurity error: collections_remove_stale: Failed deleting collection.

Read More

For Linux Tutorials

We create Linux HowTos and Tutorials for Sys Admins. Visit us on LinuxAPT.com

Also for Tech related tips, Visit forum.outsourcepath.com or General Technical tips on www.outsourcepath.com

Focus on your business, not your servers.

Click Here to Learn More