Issue
- After upgrading to u70, when I try to publish web content with large content, I receive an error in the log looking like this:
ModSecurity: Access denied with code 400
Environment
- Liferay DXP 7.4
Resolution
- The error is related to Nginx. The SecRequestBodyLimit by default is set to 131kb. This value needs to be increased in order to publish the content.
-
In order to resolve it, In Apache, you could increase the
SecRequestBodyNoFilesLimitonly for the specific location where it's needed, like so:<Location "/user/profile/avatar-upload.php"> SecRequestBodyNoFilesLimit 200000 </Location>
-
For a simple override for a location, add to your Nginx configuration (
server{}block):location /add/submit.php { modsecurity_rules 'SecRequestBodyLimit 1048576'; modsecurity_rules 'SecRequestBodyNoFilesLimit 1048576'; }
For more information, kindly visit the following link: how-to-increase-secrequestbodylimit-for-specific-website-request-ur
Please note that the solution requires customizing the application. This means that your Developer Team should perform it at your discretion. It should also be tested on a lower environment and make a backup of the database before modifying the settings. If you require assistance and consultation, we recommend contacting our GS (Global Services).
Additional Information
Contenido exclusivo para suscriptores.
Una Suscripción Enterprise de Liferay proporciona acceso a más de 1.500 artículos que incluyen las mejores practicas, diagnóstico de problemas y otras soluciones útiles. Inicia sesión para tener un acceso completo.
Inicia sesión