From 9ee9947250ff85e5b833fc6b13125cb7a44d5aa3 Mon Sep 17 00:00:00 2001 From: Nikolaos Perrakis Date: Wed, 11 Sep 2019 02:04:04 +0100 Subject: Increased modsecurity bodynofileslimit so larger files can be synced (#993) Signed-off-by: Nikolaos Perrakis Signed-off-by: nachoparker --- bin/ncp/SECURITY/modsecurity.sh | 4 ++-- changelog.md | 6 ++++-- updates/1.17.0.sh | 5 +++++ 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/bin/ncp/SECURITY/modsecurity.sh b/bin/ncp/SECURITY/modsecurity.sh index 067404cd..94d8c5e8 100644 --- a/bin/ncp/SECURITY/modsecurity.sh +++ b/bin/ncp/SECURITY/modsecurity.sh @@ -70,8 +70,8 @@ configure() SecRuleRemoveById 981401 # Content-Type Response Header is Missing and X-Content-Type-Options is either missing or not set to 'nosniff' SecRuleRemoveById 200002 # Failed to parse request body - # UPLOADS ( 5 MB max excluding file size ) - SecRequestBodyNoFilesLimit 5242880 + # UPLOADS ( https://github.com/nextcloud/nextcloudpi/issues/959#issuecomment-529150562 ) + SecRequestBodyNoFilesLimit 536870912 # GENERAL SecRuleRemoveById 920350 # Host header is a numeric IP address diff --git a/changelog.md b/changelog.md index 0c5a6242..c2f2fa70 100644 --- a/changelog.md +++ b/changelog.md @@ -1,7 +1,9 @@ -[v1.16.5](https://github.com/nextcloud/nextcloudpi/commit/15a1beb) (2019-09-12) nc-datadir: make sure dir exists before check +[v1.16.6](https://github.com/nextcloud/nextcloudpi/commit/d3718d1) (2019-09-11) Increased modsecurity bodynofileslimit so larger files can be synced (#993) -[v1.16.4](https://github.com/nextcloud/nextcloudpi/commit/4bd06e6) (2019-09-10) fail2ban: dont need ufw check in docker +[v1.16.5](https://github.com/nextcloud/nextcloudpi/commit/789f0b5) (2019-09-12) nc-datadir: make sure dir exists before check + +[v1.16.4 ](https://github.com/nextcloud/nextcloudpi/commit/4bd06e6) (2019-09-10) fail2ban: dont need ufw check in docker [v1.16.3 ](https://github.com/nextcloud/nextcloudpi/commit/06005e1) (2019-09-09) nc-datadir: avoid using the symlink diff --git a/updates/1.17.0.sh b/updates/1.17.0.sh index 98070034..1cfbdace 100644 --- a/updates/1.17.0.sh +++ b/updates/1.17.0.sh @@ -15,6 +15,11 @@ sed -i "s/buster/$RELEASE/g" /etc/apt/sources.list.d/* &>/dev/null || true apt-get update apt-get install -y --no-install-recommends php${PHPVER}-gmp +# Update modsecurity config file only if user is already in buster and +# modsecurity is used. +# https://github.com/nextcloud/nextcloudpi/issues/959 +is_active_app modsecurity && run_app modsecurity + # docker images only [[ -f /.docker-image ]] && { : -- cgit v1.2.3