All, I have a question about setting the SecRequestBodyLimit parameter. Currently, we have 2 web servers on different networks that has mod security running. One server has the SecRequestBodyLimit parameter set in the mod_security.conf file and the other server has it defined in modsecurity_crs_10_config.conf. Does it matter which file defines the SecRequestBodyLimit parameter? Does either location make the load on the servers less? What is the default value for this parameter if none is specified? We are trying to get a control of the size of attachments that are uploaded to our portal.
Thanks Todd Platt [email protected] _______________________________________________ Owasp-modsecurity-core-rule-set mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
