I am currently running Sophos UTM 9.315-2. The Web Application Firewall is blocking traffic that is a POST over a certain size. The web application needs to post this size of a page. Currently it returns an HTTP 413 and then the Web Application Firewall logs:
ModSecurity: Request body no files data length is larger than the configured limit (1048576)
I can see no way to disable this other than turning off the Web Application Firewall. No rule ID or other identifier is given to exclude it. I've found some online references to modifying the SecRequestBodyNoFilesLimit value in a configuration file, but that would get overwritten by updated firmware...
Is there a way to handle this within the WAF configuration?
Below is the log entry:
2015:12:10-20:29:34 ec2bfirewall reverseproxy: [Thu Dec 10 20:29:34.517448 2015] [security2:error] [pid 27646:tid 3803810672] [client 77.197.160.7] ModSecurity: Request body no files data length is larger than the configured limit (1048576).. Deny with code (413) [hostname "www.highcountry.com"] [uri "/CustomizeAttributeSelections.aspx"] [unique_id "VmngrQoAAAoAAGv@MEgAAABZ"]
This thread was automatically locked due to age.
