Ryan Stenhouse
Fri, 12 Jun 2009 08:53:46 -0700
gollomm wrote:
Hello all, For the last couple of days I was trying to get my Apache/mod_proxy/mongrel setup to limit the size of the request body. The setup is as follows: 1.) Apache acts as a reverse proxy by facilitating mod_rewrite and mod_proxy 2.) Requests for non-static files are passed on to a mongrel_cluster 3.) We use mongrel for our Ruby on Rails application Note that due to some restrictions we are unable to use Apache/Passenger for our production deployment. Is there a way to tell mongrel to skip requests which exceed a certain limit (say 20MB) and return a 400 (Bad Request) response or the like? I have tried to use the LimitRequestBody directive of Apache httpd, but this obviously does not work, since Apache httpd passes most of it's requests directly on to mongrel. Thanks for your help! Regards, Severin _______________________________________________ Mongrel-users mailing list Mongrel-users@rubyforge.org http://rubyforge.org/mailman/listinfo/mongrel-users
Hello Severin, mod_security may very well be your friend there. It can be configured to drop any request over a certain size, and by its nature will drop it with standard HTTP error messages. Regards, Ryan _______________________________________________ Mongrel-users mailing list Mongrel-users@rubyforge.org http://rubyforge.org/mailman/listinfo/mongrel-users