[Mongrel] Limit Request Body Size (Disallow very large File-uploads)

Ryan Stenhouse rs at pccl.info
Fri Jun 12 11:15:34 EDT 2009


gollomm wrote:

> Hello all,
>
> For the last couple of days I was trying to get my
> Apache/mod_proxy/mongrel setup to limit the size of the request body.
> The setup is as follows:
>
> 1.) Apache acts as a reverse proxy by facilitating mod_rewrite and mod_proxy
> 2.) Requests for non-static files are passed on to a mongrel_cluster
> 3.) We use mongrel for our Ruby on Rails application
>
> Note that due to some restrictions we are unable to use
> Apache/Passenger for our production deployment.
>
> Is there a way to tell mongrel to skip requests which exceed a certain
> limit (say 20MB) and return a 400 (Bad Request) response or the like?
> I have tried to use the LimitRequestBody directive of Apache httpd,
> but this obviously does not work, since Apache httpd passes most of
> it's requests directly on to mongrel. Thanks for your help!
>
> Regards,
> Severin
> _______________________________________________
> Mongrel-users mailing list
> Mongrel-users at rubyforge.org
> http://rubyforge.org/mailman/listinfo/mongrel-users
>   
    Hello Severin,

    mod_security may very well be your friend there. It can be configured to drop
    any request over a certain size, and by its nature will drop it with standard
    HTTP error messages.

    Regards,

    Ryan



More information about the Mongrel-users mailing list