[Mongrel] Limit Request Body Size (Disallow very large File-uploads)
rs at pccl.info
Fri Jun 12 11:15:34 EDT 2009
> Hello all,
> For the last couple of days I was trying to get my
> Apache/mod_proxy/mongrel setup to limit the size of the request body.
> The setup is as follows:
> 1.) Apache acts as a reverse proxy by facilitating mod_rewrite and mod_proxy
> 2.) Requests for non-static files are passed on to a mongrel_cluster
> 3.) We use mongrel for our Ruby on Rails application
> Note that due to some restrictions we are unable to use
> Apache/Passenger for our production deployment.
> Is there a way to tell mongrel to skip requests which exceed a certain
> limit (say 20MB) and return a 400 (Bad Request) response or the like?
> I have tried to use the LimitRequestBody directive of Apache httpd,
> but this obviously does not work, since Apache httpd passes most of
> it's requests directly on to mongrel. Thanks for your help!
> Mongrel-users mailing list
> Mongrel-users at rubyforge.org
mod_security may very well be your friend there. It can be configured to drop
any request over a certain size, and by its nature will drop it with standard
HTTP error messages.
More information about the Mongrel-users