<div dir="ltr"><div class="gmail_quote">Hi<br>I am trying to resend (with small modification..) my request for help<br>Many Thanks <br>Hagai<br><br>----------------------------------------------------------------------------------------------<br>

<div dir="ltr">Hi<br><br>Is there any way to deny all requests with body?<br>I know I can set set client_max_body_size to 1 (byte)<br>But.. in that case Nginx reads all body request before finalizing the request.<br><br>
In case of requests with body as part of attack I would like to close the connection<br>

immediately without wasting any processing on that request.<br><br><b>I thought changing the code (ngx_http_core_module.c:996) from:</b><br><br>if (r->headers_in.content_length_n != -1<br>        && !r->discard_body<br>


        && clcf->client_max_body_size<br>        && clcf->client_max_body_size < r->headers_in.content_length_n)<br>    {<br>        ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,<br>

                      "client intended to send too large body: %O bytes",<br>
                      r->headers_in.content_length_n);<br>            <br>        (void) ngx_http_discard_request_body(r);<br>        ngx_http_finalize_request(r, NGX_HTTP_REQUEST_ENTITY_TOO_LARGE);<br>        return NGX_OK;<br>


    }<br><br><br><b><u>To:</u></b><br><br>if (r->headers_in.content_length_n != -1<br>        && !r->discard_body<br>        && clcf->client_max_body_size<br>        && clcf->client_max_body_size < r->headers_in.content_length_n)<br>


    {<br>        ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,<br>                      "client intended to send too large body: %O bytes",<br>                      r->headers_in.content_length_n);<br>


<br>       <b> ngx_connection_t* connection = r->connection;        <br>        ngx_http_finalize_request(r, NGX_DONE);<br>        ngx_close_connection(connection);</b><br>        <br>        return NGX_OK;<br>    }<br>

<br>Is that cover all or more changes are needed?<br>Thanks<span class="HOEnZb"><font color="#888888"><br>Hagai<br></font></span></div>
</div><br><br clear="all"><br>-- <br><div dir="ltr"><p><font color="#000000"><b>Hagai Avrahami</b></font><br>
<font color="#000000">Qwilt | Work: +972-72-2221644| Mobile: +972-54-4895656 | </font><a href="mailto:yoav@qwilt.com" rel="nofollow" target="_blank">hagaia@qwilt.com</a></p></div>
</div>