Hi I am running Mod_Security on Ubuntu instances in EC2 behind an Elastic Loadbalancer. The app is a Ruby App.
I have set
SecRequestBodyLimit 293601280
When I upload files below that size, they are processed as expected. When I exceed the size limit above I get mixed results.
Mod Security logs that it sent a 413, Request Entity too Large, to the client.
However at the client occasionally I see the 413 reported in various developer tools, more often it is a net::Error-Disconnect.
In the end my goal is to trap the 413 in code and report to the end user they have exceeded the file size.
This problem is HTTPS connection so TCPDump/Wireshark are little help. Disabling ModSecurity allows files of any size to upload.
Any ideas?
