LimitRequestBody 10240000

Hi, please check the following documentation. This will help you with your question.

Let me know if you need more help.

Kind regards

Can You make a menu for this too?

Hi,

Can You make a menu for this too?

Can you elaborate further your question.

Thank you

Add menu point like:
WP Security -> Filesystem Security -> Upload filesize set

Thank you for clarifying your question further. I have submitted a message to the developers to investigate further your request.

Kind regards

Same problem here. I had to do quite the research, including bothering my webhoster, before I noticed that it was AIOWPS, that sets a 10 MB limit on uploads.

As far as I can see this is not mentioned in aiowps-dashboard and certainly not in the “alert box” of the firewall rules.

So please either mention what these rules do in more detail (at least put a link to the documentation) or preferably provide an option to set the “LimitRequestBody” somewhere in the dashboard, as @18tommyboy suggested.

• This reply was modified 5 years ago by archesis.

I don′t know why not it make an option after 1 year… User must search over the internet what is wrong with this plugin…

That is part of the basic firewall rule. That firewall is suppose to limit uploads to prevent hackers from uploading large files. Don’t enable the basic firewall option if you don’t want that rule to be applied to your site. It is there for other people who want that rule.

You can’t just apply all the different firewall rules blindly to your site. Because some of the firewall will limit certain functionality. All the options are there for people to choose. You need to pick and choose the ones that you want to apply based on what it does and what functionality you need your site to continue to perform.

You missed the point spectacularly.

1) How do I know if I want this rule, if I do not know it exists unless I dig around in htaccess after the fact. Which is not why you want to have the convenience of a security plugin.

2) I CAN NOT “pick and choose” – exactly because there is just the one switch. The alert box above it does neither say what it does nor is there a link to any documentation.

So yeah, by your own admission, my assertion has been confirmed in its entirety.

Hi, I understand what you mean. We have added information for each feature available in the plugin to help the user understand what happens when a feature is activated.

1) How do I know if I want this rule, if I do not know it exists unless I dig around in htaccess after the fact. Which is not why you want to have the convenience of a security plugin.

When you enable the following feature Enable Basic Firewall Protection: located in WP Security -> Firewall -> Basic Firewall Rules, we added a More Info link to let the user know what will be included when it is activated. This link states the following.

This setting will implement the following basic firewall protection mechanisms on your site:
1) Protect your htaccess file by denying access to it.
2) Disable the server signature.
3) Limit file upload size (10MB).
4) Protect your wp-config.php file by denying access to it.
The above firewall features will be applied via your .htaccess file and should not affect your site’s overall functionality.
You are still advised to take a backup of your active .htaccess file just in case.

Does the above information help you in any way?

Thank you

We still need a switch for this ??
The owner of server must set the max filesize of Upload, he probably knows how much is secure to set… RAW files from camera is 3x bigger than 10MB, this is joke…

When you enable the following feature Enable Basic Firewall Protection: located in WP Security -> Firewall -> Basic Firewall Rules, we added a More Info link to let the user know what will be included when it is activated. This link states the following.

Thanks, perhaps you could add a link to the documentation, like: “Here is how you can adapt these rules”
https://mbrsolution.com/wordpress/all-in-one-wp-security-firewall-custom-rules.php

Also some information on the differences between WordPress’ own upload limit and a limit in htaccess would be nice.

The owner of server must set the max filesize of Upload, he probably knows how much is secure to set… RAW files from camera is 3x bigger than 10MB, this is joke…

Well, a security plugin is usually aimed at people who do not exactly know how to harden security manually. You can put “LimitRequestBody 102400000” in “Custom Rules” to set the limit to 100 MB.

However I do agree that it would be nice to be able to set this limit yourself (with 10 MB being the recommended default).

Hi, just letting you know the developers are planning in adding something for this feature in a future release. However I don’t know when though.

Thank you for your patience and understanding.

Enjoy the plugin.

Hi,
I concur that having a setting for this would be very preferable.
If you use the custom rules it results in 2 entries for LimitRequestBody in the htaccess file.
For the time being, I changed this in /classes/wp-security-utility-htaccess.php line 364:

//limit file uploads to 10mb
$rules .= 'LimitRequestBody 102400000' . PHP_EOL;

It’s not best practice to change core files of plugins, but this works and there are not two entries this way for LimitRequestBody.

Thanks,
Pete

Hi
The next version will have a configurable field which will allow you to set the file upload limit.