In recent versions of AOLserver 4.0, there's a new config parameter for socket drivers (nssock, nsopenssl) called "maxinput" that limits the size of the HTTP request, defaulting to 1,024,000 bytes. For most sites, this may be a suitable default to prevent resource-starvation style Denial of Service attacks. However, if your application allows for large HTTP requests (such as file uploads that exceed 1MB in size), you will need to crank the knob on the "maxinput" parameter suitably high for your needs.
For nssock, this is pretty straightforward: ns_section "ns/server/${servername}/module/nssock" ns_param maxinput [expr 1024 * 1024 * 100] This would set "maxinput" to 100MB. However, if you're using nsopenssl, you may think that a similar config section like this should work: ns_section "ns/server/${servername}/module/nsopenssl" ns_param maxinput [expr 1024 * 1024 * 100] But, it doesn't! (Ross Simpson and I found this out the hard way, with two hours of much gnarly debugging and head-scratching.) So, how DO you set "maxinput" for nsopenssl? Well, nsopenssl has a "ssldrivers" config section, that might look like the following: ns_section "ns/server/${servername}/module/nsopenssl/ssldrivers" ns_param example "an example server" That defines the ssldriver named "example". You set parameters for it (like you do for nssock) in this config section: ns_section "ns/server/${servername}/module/nsopenssl/ssldriver/example" ns_param sslcontext example_ctx ns_param port 443 # ... etc ... ns_param maxinput [expr 1024 * 1024 * 100] Yes, you define parameters like "maxinput" and "recvwait" and other socket-related settings in THIS section! Yes, this is where those settings belong. Interesting bug: in at least nsopenssl (and perhaps nssock), if maxinput is reached, the server seems to sleep or simply spin, instead of returnign some kind of error ("400 Bad Request / request exceeds maxinput" or somesuch). So, the diagnostic behavior is if you're uploading a large file that exceeds maxinput, the browser just appears to be still sending the file and it never finishes (until "recvwait" seconds elapse, I believe). -- Dossy -- Dossy Shiobara mail: [EMAIL PROTECTED] Panoptic Computer Network web: http://www.panoptic.com/ "He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on." (p. 70) -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to <[EMAIL PROTECTED]> with the body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject: field of your email blank.