question about undertow max-post-size

hchenkwi Apr 22, 2017 6:47 PM

Hi,

We are using Wildfly 10.0.0.Final on Solaris 10 with java 8.

we need to upload large file size, it seems that setting "max-post-size" helps solving the problem. the book "Wildfly Configuration, Deployment, and Administration" says setting max-post-size=0 can set the maximum allowed incoming post request size to be unlimited.

Is there any side effect by setting max-post-size to be big number or unlimited?

<buffer-cache name="default"/>

<http-listener name="default" max-post-size="25485760" redirect-socket="https" socket-binding="http"/>

Thanks, Helen

1. Re: question about undertow max-post-size

abhijithumbe Apr 25, 2017 12:19 AM (in response to hchenkwi)

The downside to disabling the POST size limitation is that you are potentially opening up the server to a DOS attack. With this limitation removed, an attacker could potentially upload a large POST request that could use up all of the available memory. The recommendation is to leave this limitation in place but adjust it according to the normal/expected usage of your web application
Actions
2. Re: question about undertow max-post-size

hchenkwi Apr 28, 2017 9:25 AM (in response to abhijithumbe)

Hi Abhijit,
Thanks a lot for the response.
Helen
Actions

Go to original post