Limiting Apache users file upload size

Limiting Apache users file upload size

This post is an continuation of ongoing apache related article. Earlier we have seen about Installation and configuration of apache webserver in linux, configuring apache logs, details about  apache with htaccess file, and methods to secure apache webserver and  protecting apache web directory with authentication.


Q: How can we restrict total size of HTTP request body sent from client on Apache webserver. ?

A; To restrict user upload size we can use LimitRequestBody directive on httpd.conf file or .httacces file

What is use of LimitRequestBody directive ?

LimitRequestBody directive specifies the number of bytes from 0 to 2GB that are allowed in a request body.

The LimitRequestBody directive permits the user to set a limit on the allowed size of an HTTP request message body.If the clients request exceeds that limit,server will return an error response.

This directive is very useful for server administrator to control abnormal client request, its useful for avoiding denial of service attacks

Ex – We can limit user uploads on /home/tts/user-uploads

We can add these lines in to httpd.conf file or .htaccess

<Directory “/home/tts/user-uploads”>
LimitRequestBody 102400

After adding the lines we need to reload (or) restart the service

/etc/init.d/httpd reload (or) service httpd reload

[root@TTS ~] /etc/init.d/httpd reload
Reloading httpd:    [  OK  ]

/etc/init.d/httpd restart (or) service httpd restart

[root@TTS ~] /etc/init.d/httpd restart
Stopping httpd:                                            [  OK  ]
Starting httpd:                                            [  OK  ]

Leave a Reply

Your email address will not be published. Required fields are marked *