You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
[x ] I have searched the existing issues, open and closed, and I'm convinced that mine is new.
[x ] When the request is meant for an existing plugin, I've added its name to the title.
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
the following error in the log of the web server is shown: ModSecurity: Request body no files data length is larger than the configured limit (131072).. Deny with code (413) when the plugin os-OPNWAF is used with the Nextcloud application server. The following parameters musst be increased for the Nextcloud application server: SecRequestBodyLimit, SecRequestBodyNoFilesLimit (modsecurity.conf).
By correcting the parameters in the file directly some other errors are shown, like: REQUEST-920-PROTOCOL-ENFORCEMENT.conf id "920420" and REQUEST-911-METHOD-ENFORCEMENT.conf id "911100"
Describe the solution you'd like
A clear and concise description of what you want to happen.
It would be great to have some fields where we can setup ourselves the limit parameter for the files. We would like also the possibility to adapt the rules for the application server.
After some test with Nextcloud there's lot of false positive that with need to correct with changes in the rule sets. Maybe the possibility to disable some id for a virtual server. That could be a great enhancement.
Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.
If we can manage the rules in os-OPNWAF like in the Ngnix plugin it would also work. After the review of the logs of the Web Application plugin. We have seen other problem like the heartbeat of Nextcloud which is blocked from the ModSecurity module. (id "911100")
Additional context
Add any other context or screenshots about the feature request here.
The text was updated successfully, but these errors were encountered:
WAG-Adm
changed the title
Change Request Body Limit / Request Body No Files Limit Parameter for os-OPNWAF "Web Application Firewall"
Feature Request: Change Request Body Limit / Request Body No Files Limit Parameter for os-OPNWAF "Web Application Firewall"
Sep 11, 2024
FYI, in the next OPNWAF version there will be a feature to exclude individual rule IDs per virtual host, from a nifty dropdown menu where all rules are searchable.
I will add the request secrequest parameters as soon as possible too.
Important notices
Before you add a new report, we ask you kindly to acknowledge the following:
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
the following error in the log of the web server is shown: ModSecurity: Request body no files data length is larger than the configured limit (131072).. Deny with code (413) when the plugin os-OPNWAF is used with the Nextcloud application server. The following parameters musst be increased for the Nextcloud application server: SecRequestBodyLimit, SecRequestBodyNoFilesLimit (modsecurity.conf).
By correcting the parameters in the file directly some other errors are shown, like: REQUEST-920-PROTOCOL-ENFORCEMENT.conf id "920420" and REQUEST-911-METHOD-ENFORCEMENT.conf id "911100"
Describe the solution you'd like
A clear and concise description of what you want to happen.
It would be great to have some fields where we can setup ourselves the limit parameter for the files. We would like also the possibility to adapt the rules for the application server.
After some test with Nextcloud there's lot of false positive that with need to correct with changes in the rule sets. Maybe the possibility to disable some id for a virtual server. That could be a great enhancement.
Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.
If we can manage the rules in os-OPNWAF like in the Ngnix plugin it would also work. After the review of the logs of the Web Application plugin. We have seen other problem like the heartbeat of Nextcloud which is blocked from the ModSecurity module. (id "911100")
Additional context
Add any other context or screenshots about the feature request here.
The text was updated successfully, but these errors were encountered: