On Dec 20, 12:48 am, Andreas Gustafsson <[email protected]> wrote:
> What's the recommended way to protect a Django application against
> denial of service via huge file uploads or huge POST requests in
> general? If I set the LimitRequestBody option in the Apache
> configuration file, mod_python throws an ominous-looking exception
> when the limit is exceeded:
>
> SystemError: ../Objects/stringobject.c:4089: bad argument to
> internal function
>
> I assume that's a symptom of the bug described in <https://
> issues.apache.org/jira/browse/MODPYTHON-240>.
Wrong issue, the issue that error relates to is:
http://issues.apache.org/jira/browse/MODPYTHON-234
which is in turn related to:
http://issues.apache.org/jira/browse/MODPYTHON-222
It hasn't got anything to do with LimitRequestBody. That this but
exists in current versions of mod_python and can crop up at random
times is a good reason why you don't want to be using mod_python.
Instead of mod_python use mod_wsgi and you will not get this problem.
Also, in mod_wsgi the LimitRequestBody actually works like one would
expect it to work where as in mod_python it doesn't work at all.
The custom file upload handler mentioned by someone else will not help
at all with the mod_python bug and you could still get that error when
using it.
Graham
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---
