Limit client max body size in the nginx configuration example (#579)
As Mastodon temporaliry saves uploaded content to memory and disk (if /tmp is a disk), unlimiting client max body size makes the server vulnerable to DoS attack.
This commit is contained in:
parent
42e5e85445
commit
8ab12a626e
|
@ -220,7 +220,7 @@ server {
|
|||
|
||||
keepalive_timeout 70;
|
||||
sendfile on;
|
||||
client_max_body_size 0;
|
||||
client_max_body_size 8m;
|
||||
|
||||
root /home/mastodon/live/public;
|
||||
|
||||
|
|
Loading…
Reference in New Issue