英文:
Dropzone multiple uploads returned 403 forbidden
问题
I'm implementing multiple upload for 25 files at once using Dropzone and Laravel.
On my development server, the code runs well. 25 files, all successful.
However, on my production server, 5 files are ok. More than 5 files, there will be few returned with 403 Forbidden error.
I already configured php.ini
upload_max_filesize = 50MB
post_max_size = 50MB
and the tested files didn't reach 5MB actually.
There is no LimitRequestBody setting in httpd.conf.
The form is included with @csrf.
Where else should I look into?
After couple of days, I came across this line in apache modsec_audit.log
Apache-Error: [level 3] client denied by server configuration: /var/www/myapp/public/api
That points directly to the error.
Now I need advice on how to configure mod_evasive to handle dropzone multiple upload.
英文:
I'm implementing multiple upload for 25 files at once using Dropzone and Laravel.
On my development server, the code runs well. 25 files, all successful.
However, on my production server, 5 files are ok. More than 5 files, there will be few returned with 403 Forbidden error.
I already configured php.ini
upload_max_filesize = 50MB
post_max_size = 50MB
and the tested files didn't reach 5MB actually.
There is no LimitRequestBody setting in httpd.conf.
The form is included with @csrf.
Where else should I look into?
After couple of days, I came across this line in apache modsec_audit.log
Apache-Error: [level 3] client denied by server configuration: /var/www/myapp/public/api
That points directly to the error.
Now I need advice on how to configure mod_evasive to handle dropzone multiple upload.
答案1
得分: 2
I think this is from Apache's mod_evasive module. This module protects against DDoS attacks by limiting the number of requests a single IP address can make quickly.
You can do two options in this
Option 1
Modify the mod_evasive configuration in your apache.
-
DOSPageCount: This is the number of requests for the same page. -
DOSSiteCount: Requests for any object by the same client on the same listener per site interval.DOSPageCount 30 DOSSiteCount 30
Option 2
Add parallelUploads option to the Dropzone
Dropzone.options.myDropzone = {
parallelUploads: 5, // According to your mod_evasive limit
}
英文:
>I think this is from Apache's mod_evasive module. This module protects against DDoS attacks by limiting the number of requests a single IP address can make quickly.
You can do two options in this
Option 1
Modify the mod_evasive configuration in your apache.
-
DOSPageCount: This is the number of requests for the same page. -
DOSSiteCount: Requests for any object by the same client on the same listener per site interval.DOSPageCount 30 DOSSiteCount 30
Option 2
Add parallelUploads option to the Dropzone
Dropzone.options.myDropzone = {
parallelUploads: 5, // According to your mod_evasive limit
}
答案2
得分: 1
我找到解决办法。
我配置 mod_evasive 如下
DOSPageCount 25
我将 DOSPageCount 从 2 增加到 25,因为我最多可以上传 25 个文件。
英文:
I found the solution.
I configure mod_evasive like this
DOSPageCount 25
I increase DOSPageCount from 2 to 25 because I have max of 25 files for the upload.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论