Plesk & SocialBee have teamed up. Save 30% now!

Get the Deal

Knowledge Base

Unable to upload file to website on Plesk: Request body no files data length is larger than the configured limit

 
almalinuxapachecentoscloudlinuxdebian

Symptoms

  • Unable to upload a file to a website hosted in Plesk:

    413 Request entity too large

    Request Entity Too Large
    The requested resource
    /upload-a-file/
    does not allow request data with POST requests, or the amount of data provided in the request exceeds the capacity limit.

  • ModSecurity Atomic ruleset is specified in Tools & Settings > Web Application Firewall (ModSecurity) > Settings
    or
    Imunify360 is installed in Extensions.

  • Error in /var/www/vhosts/example.com/logs/error_log:

    ModSecurity: Request body no files data length is larger than the configured limit (1048576).. Deny with code (413) [hostname "www.example.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "Wakfj-fvNMmcLKLp-n8PjQAAAAE"]

Cause

Modsecurity limit defined by WAF_SECREQUESTBODYNOFILESLIMIT parameter value is reached.

Resolution

If ModSecurity Atomic ruleset is specified in Web Application Firewall (ModSecurity) settings:

  1. Log into the server via SSH.

  2. Open /etc/asl/config file using the vi text editor.

  3. Increase the value for the WAF_SECREQUESTBODYNOFILESLIMIT directive, for example to the value as below (specified in Bytes):

    WAF_SECREQUESTBODYNOFILESLIMIT "10000000"

  4. Execute the command below to update the rulesets:

    # for i in daily weekly monthly; do /usr/local/psa/bin/sw-engine-pleskrun /usr/local/psa/admin/plib/DailyMaintainance/script.php -f UpdateModSecurityRuleSet --period "${i}"; done

This way the change will remain persistent after any updates/rulesets changes.

If Imunify360 is installed in Extensions and there is no /etc/asl/config file:

For Debian based systems (Ubuntu/Debian):

  1. Check if SecRequestBodyNoFilesLimit is not defined in Apache configuration:

    # grep -r SecRequestBodyNoFilesLimit /etc/apache2/
    #

  2. If it is defined, increase this value. If not, define SecRequestBodyNoFilesLimit by creating limits.conf file:

    # printf "SecRequestBodyNoFilesLimit 10000000n" > /etc/apache2/modsecurity.d/limits.conf

  3. Reload the service:

    # service apache2 reload

For RHEL-based systems (CentOS/CloudLinux/AlmaLinux):

  1. Check if SecRequestBodyNoFilesLimit is defined in Apache configuration:

    # grep -r SecRequestBodyNoFilesLimit /etc/httpd
    #

  2. If it is defined, increase its value. If not, define SecRequestBodyNoFilesLimit by creating limits.conf file:

    # printf "SecRequestBodyNoFilesLimit 10000000n" > /etc/httpd/conf/modsecurity.d/limits.conf

  3. Reload the service:

    # service httpd reload

Read the full article
Related Posts
Knowledge Base

Hosting Wiki

Industry
Partners

industry-partner_ALIBABA
industry-partner_GOOGLEPARTNER
industry-partner_MICROSOFT
industry-partner_REDHAT-r2
industry-partner_ALIBABA
industry-partner_AUTOMATTIC
industry-partner_AWS
industry-partner_DIGITALOCEAN
industry-partner_SCALEWAY

Follow us:

Facebook Twitter Linkedin Youtube Github

© 2024 WebPros International GmbH. All rights reserved. Plesk and the Plesk logo are trademarks of WebPros International GmbH.

Managed with love with Plesk WP Toolkit