Skip to content

Updating RequestBodyNoFilesLimit at runtime (feature request) #1933

@welljsjs

Description

@welljsjs
  • ModSecurity version: 2.9.2
  • Environment: Apache 2

The ctl action enables us to change ModSecurity configuration at runtime per transaction.

However, we're only able to update a limited number of configuration directives that are listed here.

This is a feature request to add ctl:requestBodyNoFilesLimit (see SecRequestBodyNoFilesLimit) to the editable configuration directives at runtime.

If there are several web services running under several sub-domains on the same server, some of them might need larger request body sizes than others. To optimize security and instead of changing the configuration directive globally, I'd prefer to be able to update this directive depending on (f.ex.) the request filename (or server name, ..., but at runtime).

Metadata

Metadata

Assignees

Labels

2.xRelated to ModSecurity version 2.xwaiting for v3New feature in v2 that is not yet available in v3. Therefore, not yet released.

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions