How Can We Help?
< All Topics
Print

Request body excluding files is bigger than the maximum – Request body no files data length is larger than the configured limit

You may notice either of the following errors in ModSecurity log with 413 response code while submitting your changes or uploading your files

  • Request body excluding files is bigger than the maximum
  • Request body no files data length is larger than the configured limit 

This happens specifically because the values set are not enough for the following parameters in your ModSecurity configuration.

  • SecRequestBodyLimit
  • SecRequestBodyNoFilesLimit

Increasing the values for the above parameters in the ModSecurity configuration should fix this issue. Since we do not enforce the values from cPGuard configuration, the values are set either from your control panel or they are left with the default values. Given below are the steps to modify the values with some popular control panels…for other panels or Standalone servers you need to locate the configuration file and make amendments. 

1. cPanel 

You can edit teh file /etc/apache2/conf.d/modsec/modsec2.user.conf and add the entries for the specific configuration parameters into to the top of the file. Then restart your web server to reflect the changes

Refer to this cPanel Documentation for additional help. 

2. Plesk

Plesk has an official documentation about this issue and this help article   has the instructions to fix this error with Plesk.

3. DirectAdmin

On DirectAdmin servers, you can find the values set in /etc/httpd/conf/extra/httpd-modsecurity.conf. So you need to

1. Edit the file /etc/httpd/conf/extra/httpd-modsecurity.conf

2. Increase the values for SecRequestBodyLimit and SecRequestBodyNoFilesLimit

3. Restart Web Server

That will help to fix the issue. To permanently retain this change, you need to edit the custombuild configuration. Please refer to this instruction document for details.

4. Enhance

On Enhance servers, you can modify the value by

1. Edit file /etc/modsecurity.d/modsec.customisations.conf

2. Increase the values for SecRequestBodyLimit and SecRequestBodyNoFilesLimit

3. Restart Web Server

Note that you can also manage the mentioned configurations for other panels or on standalone servers. You just need to find a appropriate .conf file to modify the value and then restart your web server.

Was this article helpful?
5 out of 5 stars

1 rating

5 Stars 100%
4 Stars 0%
3 Stars 0%
2 Stars 0%
1 Stars 0%
5
How can we improve this article?
Please submit the reason for your vote so that we can improve the article.
Table of Contents