Articles in this section

See more

 Site on Plesk is not available: ModSecurity: Response body too large

Avatar
Leonid Gukhman
Updated
Follow
Plesk for Linux kb: technical ABT: Group A

Applicable to:

  • Plesk for Linux

Symptoms

  1. Domain is not available with the following error shown:

    CONFIG_TEXT: 500
    Internal Server Error

  2. The following messages can be found in Domains > example.com > Logs or in /var/www/vhosts/example.com/logs/error.log file:

    CONFIG_TEXT: [error] [client 203.0.113.2] ModSecurity: Output filter: Response body too large (over limit of 524288, total not specified). [hostname "www.example.com"] [uri "/index.php"] [unique_id "W*****U43-wA*****G"]

Cause

Domain exceeded the default SecResponseBodyLimit parameter for ModSecurity (512 Kb).

Resolution

For domain

  1. Log in to Plesk.

  2. Navigate to Domains > example.com > Apache & nginx Settings

  3. Add the following line to Additional directives for HTTP and to Additional directives for HTTPS:

    CONFIG_TEXT: <IfModule mod_security2.c>
    SecResponseBodyLimit 536870912
    </IfModule>

  4. Press Apply .

Server-wide

  1. Log in to Plesk.

  2. Navigate to Tools & settings > Web Application Firewall (ModSecurity) > Settings > Custom directives section:

  3. Add the following line:

    CONFIG_TEXT: SecResponseBodyLimit 536870912

  4. Press Apply

Comments

2 comments

Sort by Date Votes
  • Avatar
    Agilehost Sales

    Shouldn't that be 536870912 ? Which is 512mb.

    0
    Comment actions Permalink
  • Avatar
    Ivan Postnikov

    Hello Agilehost Sales

    I agree with you that 536870912  would look better here and fixed this.

    In general, 512mb isn't an obligatory value here. The main idea is that the limit should be more that the response body and this value is individual for different websites/installations.

    0
    Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request

Related articles