Reference Manual: https://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual#SecRequestBodyLimitAction
Current setting: # What do do if the request body size is above our configured limit. # Keep in mind that this setting will automatically be set to ProcessPartial # when SecRuleEngine is set to DetectionOnly mode in order to minimize # disruptions when initially deploying ModSecurity. # SecRequestBodyLimitAction Reject Rationale: When the SecRuleEngine is set to DetectionOnly, this directive will automatically be changed to ProcessPartial in order to minimize disruptions to traffic during initial implementation. Users should review any alert messages generated in order to identify proper local size restrictions for the SecRequestBodyLimit directive. When the SecRuleEngine is set to On, this directive will then take effect and issue a 413 status code when requests are sent that are too large. ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. _______________________________________________ Owasp-modsecurity-core-rule-set mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
