Applicable to:
- Plesk for Linux
Symptoms
-
Unable to upload a file to a website hosted in Plesk with the following error:
CONFIG_TEXT: 413 Request entity too large
CONFIG_TEXT: Request Entity Too Large
The requested resource
/upload-a-file/
does not allow request data with POST requests, or the amount of data provided in the request exceeds the capacity limit. -
On uploading a big file via WordPress administrator interface, the following error is shown:
Unexpected response from the server. The file may have been uploaded successfully. Check in the Media Library or reload the page
-
ModSecurity component is installed and active on the server
- Imunify360 is installed and active on the server
-
An error that is similar to the following can be found in the Apache error log
/var/www/vhosts/example.com/logs/error_log
:CONFIG_TEXT: ModSecurity: Request body no files data length is larger than the configured limit (1048576).. Deny with code (413) [hostname "example.com"] [uri "/Backoffice/index.php"] [unique_id "YCK6aBTMZUZFIMPlEoLhpAAAABk"]
CONFIG_TEXT: 2023-01-22 13:40:52 Error 203.0.113.2 [client 203.0.113.2] ModSecurity: Request body (Content-Length) is larger than the configured limit (134217728). [hostname "example.com"] [uri "/wp-admin/async-upload.php"] [unique_id "ZbEVgLPF684lP2xTCxMAEwAAABg"], referer: https://example.com/wp-admin/media-new.php Apache error
Cause
The error is caused by the limit of the SecRequestBodyNoFilesLimit
within the Imunify360 ruleset for ModSecurity being reached, which makes ModSecurity deny the upload action.
Resolution
Proceed to increase the resource necessary ModSecurity limits as follows:
Click on a section to expand
-
Log in to the server via SSH.
-
Create the file
zz_modsec2.conf
:-
On CentOS/RHEL/CloudLinux:
/etc/httpd/conf.d/zz_modsec2.conf
-
On Debian and Ubuntu:
/etc/apache2/conf.d/zz_modsec2.conf
and set the following in it with a text editor:
CONFIG_TEXT: <IfModule mod_security2.c>
SecRequestBodyLimit 546870912
SecRequestBodyNoFilesLimit 546870912
</IfModule>Note: The Limit below is specified in Bytes and equals 512 Megabytes.
-
- Restart Apache server:
-
On CentOS/RHEL/CloudLinux:
# systemctl restart httpd
-
On Debian and Ubuntu:
# systemctl restart apache2
-
Log in to Plesk
-
Go to Domains > example.com > Apache & Nginx Settings and set the following in both the Additional directives for HTTP and Additional directives for HTTPS fields:
Note: The Limit below is specified in Bytes and equals 512 Megabytes.
PLESK_INFO: <IfModule mod_security2.c>
SecRequestBodyLimit 546870912
SecRequestBodyNoFilesLimit 546870912
</IfModule>
Comments
0 comments
Please sign in to leave a comment.