Merge pull request #1266 from kawaiipantsu/kawaiipantsu-request-uri-size

Fixing uri max size
Marco Ochse 2023-02-23 16:54:53 +01:00 committed by GitHub
commit 1a20de2f7f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23


@ -46,7 +46,14 @@ server {
client_body_buffer_size 128k;
client_header_buffer_size 1k;
client_max_body_size 2M;
large_client_header_buffers 2 1k;
### Changed from OWASP recommendations: "2 1k" to "2 1280" (So 1.2k)
### When you pass though potentially another reverse proxy/load balancer
### in front of tpotce you can introduce more headers than normal and
### therefore you can exceed the allowed header buffer of 1k.
### An 280 extra bytes seems to be working for most use-cases.
### And still keeping it close to OWASP's recommendation.
large_client_header_buffers 2 1280;
### Mitigate Slow HHTP DoS Attack
### Timeouts definition ##
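
Review bot: The comment block above the new `large_client_header_buffers 2 1280;` line gives "more headers than normal" from an upstream proxy as the reason, while the commit title is about URI size, and these map to different halves of the directive. In nginx the buffer size caps the request line (414 when exceeded) and each single header field (400 when exceeded), while the buffer count limits how much header data fits overall. Raising only the size to 1280 therefore helps with a longer URI or one long header line such as a forwarded-for chain, but gives little room for additional headers. Please state in the comment which failure was actually observed (414 or 400), and if the cause is added headers, consider raising the count instead of, or as well as, the size. Smaller points in the same comment: 1280 bytes is 1.25k, not 1.2k; "though" should be "through"; "An 280" should be "A 280".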