Hello! On Sat, Sep 14, 2013 at 11:15:39AM -0700, Jeroen Ooms wrote:
> @ Maxim Dounin > > Thanks! This is very helpful. I have also set: > > client_body_buffer_size 1m; > > Could this setting have any side effects? I am not expecting too many > large POST request. From what I read, client_body_buffer_size is > actually the maximum amount of memory allocated. Does this mean that > for small requests (e.g. without a body) there is no additional > overhead introduced by raising this value? Yes, it's not allocated if there is no request body, and only needed buffer is allocated if a request body is known to be smaller. On the other hand, it can be used as a DoS vector if an attacker is allowed to open many connections but you can't afford them all to allocate client_body_buffer_size buffer. Additionally, using such a big $request_body in proxy_cache_key implies various overheads. In particular, proxy_buffer_size should be set big enough to be able to contain cache header with a key. Not even talking about reading/writing cache files with such keys. -- Maxim Dounin http://nginx.org/en/donation.html _______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
