New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to override SecRequestBodyAccess in ingress annotation #5612
Comments
@dcherniv I am awaiting feedback from the modsecurity project owasp-modsecurity/ModSecurity-nginx#183 |
@aledbf ah that makes sense. This issue is strange in that i can in fact override some variables but not the others.
SecRequestBodyAccess Off in annotations has no effect however. |
@dcherniv at this point, because all the issues I am considering to extract the mod-security feature to a sidecar. |
@aledbf bummer. we just finished switching from lua-resty WAF to modsecurity :) |
@dcherniv just to be clear, this is just a POC, and if we do something, no change to what you have now for ModSecurity would be required. That is a deal-breaker for me. The only change should be an additional container in the deployment/daemonset definition |
Issues go stale after 90d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
Stale issues rot after 30d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
Rotten issues close after 30d of inactivity. Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
@fejta-bot: Closing this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
NGINX Ingress controller version: 0.31.1
Kubernetes version (use
kubectl version
): 1.15.x EKSEnvironment: AWS
What happened:
modsecurity denies request that are larger than default body size which is 13MB
Even with the following annotation in place on the ingress resource:
What you expected to happen:
Request body processing to be disabled on the ingress resource.
How to reproduce it:
Enable modsecurity with the following annotation and try to post a large file.
/kind bug
The text was updated successfully, but these errors were encountered: