Reference Manual: https://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual#SecResponseBodyLimit https://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual#SecResponseBodyLimitAction
Current setting: # Buffer response bodies of up to 512 KB in length. SecResponseBodyLimit 524288 # What happens when we encounter a response body larger than the configured # limit? By default, we process what we have and let the rest through. # That's somewhat less secure, but does not break any legitimate pages. # SecResponseBodyLimitAction ProcessPartial Rationale: This main directive is set at a reasonable level for most sites. If individual pages require higher/lower restrictions, you can use the ctl:responseBodyLimit action to adjust. If the response body is above this setting, we recommend ProcessPartial as this will at least let you inspect the beginning portions of the response bodies looking for error leakages without the worry of blocking entire response pages. ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. _______________________________________________ Owasp-modsecurity-core-rule-set mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
