CyberKeeda In Social Media

Apache Hardening : Limit Request Size


By default Apache has no limit on the total size of the HTTP request i.e. unlimited and when you allow large requests on a web server its possible that one could be a victim of Denial of service attacks. We can Limit the requests size of an Apache directive “LimitRequestBody” with the directory tag.

This is generally preffered for websites/blogs that gives an upload option through http protocol
Unlimited upload size can really effect and site can be compromised by attackers  using DDos.

One can set the value in bytes from 0 (unlimited) to 2147483647 (2GB) that are allowed in a request body. You can set this limit according to your site needs.


Here in this example, my_uploads is a directory which contains files uploaded by users. We are We We will put a limit of  500K  for this by making the changes in Apache configuration file ( httpd.conf ).

<Directory "/var/www/mywebsite/my_uploads">
LimitRequestBody 512000
</Directory>


No comments:

Post a Comment

Designed By Kunal Saha