ModSecurity error: Request body no files data length is larger than the configured limit

Symptoms

When attempting to upload a file on your site, you encounter a 503 or 413 error, and an error similar to either of the following can be found in the Apache error log.

[Wed May 08 08:37:25.266211 2024] [security2:error] [pid 278630] [client 203.0.113.2:51962] [client 203.0.113.2] ModSecurity: Request body no files data length is larger than the configured limit (1048576). [hostname "domain.tld"] [uri "/"] [unique_id "ZjrXVUNf6MElbFfAOgyTJwAAAAk"], referer: https://domain.tld/

[Wed Aug 14 16:07:37.240877 2024] [lsapi:error] [pid 871:tid 887] [remote 203.0.113.2:51845] [host domain.tld] Error on sending request(POST / HTTP/2.0); uri(/) content-length(369): ReceiveAckHdr: nothing to read from backend (LVE ID 1002), check http://docs.cloudlinux.com/mod_lsapi_troubleshooting.html, referer: https://domain.tld/

Description

The default maximum request body size ModSecurity will accept for buffering, minus the size of files being transported in the request, is 1048576 bytes. If you are hitting the SecResponseBodyLimit limit, you will have to increase the limit in the modsec2.user.conf file.

Workaround

1. Access the server's command line as the 'root' user via SSH or "Terminal" in WHM.
2. Open the /etc/apache2/conf.d/modsec/modsec2.user.conf file in your preferred text editor.
3. Locate or add the SecResponseBodyLimit line.

   SecResponseBodyLimit 1048576

4. Set the SecResponseBodyLimit value to a value greater than 1048576.

   SecResponseBodyLimit 20971520

5. Save the changes and exit the text editor.
6. Restart the web service.

   /usr/local/cpanel/scripts/restartsrv_httpd