Issue
- After upgrading to u70, when I try to publish web content with large content, I receive an error in the log looking like this:
ModSecurity: Access denied with code 400
Environment
- Liferay DXP 7.4
Resolution
- The error is related to Nginx. The SecRequestBodyLimit by default is set to 131kb. This value needs to be increased in order to publish the content.
-
In order to resolve it, In Apache, you could increase the
SecRequestBodyNoFilesLimitonly for the specific location where it's needed, like so:<Location "/user/profile/avatar-upload.php"> SecRequestBodyNoFilesLimit 200000 </Location>
-
For a simple override for a location, add to your Nginx configuration (
server{}block):location /add/submit.php { modsecurity_rules 'SecRequestBodyLimit 1048576'; modsecurity_rules 'SecRequestBodyNoFilesLimit 1048576'; }
For more information, kindly visit the following link: how-to-increase-secrequestbodylimit-for-specific-website-request-ur
Please note that the solution requires customizing the application. This means that your Developer Team should perform it at your discretion. It should also be tested on a lower environment and make a backup of the database before modifying the settings. If you require assistance and consultation, we recommend contacting our GS (Global Services).