By default Apache has no limit on the total size of the HTTP request i.e. unlimited and when you allow large requests on a web server its possible that one could be a victim of Denial of service attacks. We can Limit the requests size of an Apache directive “LimitRequestBody” with the directory tag.
This is generally preffered for websites/blogs that gives an upload option through http protocol
Unlimited upload size can really effect and site can be compromised by attackers using DDos.
One can set the value in bytes from 0 (unlimited) to 2147483647 (2GB) that are allowed in a request body. You can set this limit according to your site needs.
Here in this example, my_uploads is a directory which contains files uploaded by users. We are We We will put a limit of 500K for this by making the changes in Apache configuration file ( httpd.conf ).
<Directory "/var/www/mywebsite/my_uploads"> LimitRequestBody 512000 </Directory>
No comments:
Post a Comment