Imperva Cyber Community

communities_1.jpg
 View Only
  • 1.  Cannot request with content length >2MB

    Posted 03-18-2021 23:18
    Dear team,

    I disabled Extremely Long HTTP Request,  I send request with content length of body >2MB, that seem imperva could not handle and not forward to backend so I could not receive response. 
    Can I set more value of maximum content length ?
    Version: 13.5.0.20

    Thanks,
    Best regards,
    #AllImperva

    ------------------------------
    dat lyoko1412
    ------------------------------


  • 2.  RE: Cannot request with content length >2MB

    Posted 03-22-2021 04:01
    What GW mode are you using? 
    I see you are using a very old version for GW.
    You should upgrade to v13.6.0.51 or v14.3 to receive some behavioural changes done in the area of very large posts.

    ------------------------------
    Anat Zadik (csp)
    Engineering Manager
    Tel Aviv CA
    ------------------------------



  • 3.  RE: Cannot request with content length >2MB

    Posted 03-22-2021 05:18
    Hi Anat

    I used GW mode: Reverse Proxy

    Best regards,

    ------------------------------
    dat lyoko1412
    ------------------------------



  • 4.  RE: Cannot request with content length >2MB

    Posted 03-22-2021 05:43
    We have made many improvements in the area of posts larger than 2MB. The improvements include behavioural changes in RP mode.
    I strongly recommend upgrading your GW version in this case.
    Recommended versions are the latest - v13.6P51 or v14.3P20

    ------------------------------
    Anat Zadik (csp)
    Engineering Manager
    Tel Aviv CA
    ------------------------------



  • 5.  RE: Cannot request with content length >2MB

    Posted 03-23-2021 12:01
    Hi @Anat Zadik,

    I am having the same issue in gateway v13.X ​running in KRP mode.
    Can you confirm that upgrading to v13.6P51 or v14.3P20 will solve this issue?
    And does it require to enable NGRP as well?

    Thank you in advanced.

    ------------------------------
    Worachat Sarsa
    SE
    Exclusive Networks TH
    Huaykwang
    ------------------------------



  • 6.  RE: Cannot request with content length >2MB

    Posted 03-23-2021 13:03
    Hi Dat,
    I'm facing the same issue....there is a kind of WA:

    My suggestion is to increase the buffer size to 4mb, if its ill occur so to 8mb with the following instructions:
     
    4mb:
    Navigate to the /opt/SecureSphere/etc/hades.cfg.template in the gateway CLI and edit values as shown:
    vrange_block_size: 4186112
    vrange_blocks_num: [1GB] 20000 [2GB] 40000 [4GB] 80000 [7GB] 150000 [8GB] 150000 [12GB] 75000 [16GB] 150000 [32GB] 150000 [64GB] 150000 [128GB] 200000
     
    For 8mb:
     
    vrange_block_size: 8372224
    vrange_blocks_num: [1GB] 20000 [2GB] 40000 [4GB] 80000 [7GB] 150000 [8GB] 150000 [12GB] 37500 [16GB] 150000 [32GB] 150000 [64GB] 150000 [128GB] 200000
     
    Please try first the 4mb option.
    Using this WA you will use a bigger buffer so you could face delay or memory issues if you set the buffer too big.


    Another important point is that the 14.x use a different way to handle request respect KRP, if you fall in that mode you should check very carefully your environment before update it in order to avoid performance issue.




    ------------------------------
    Francesco Zuliani
    Security Engineer
    Rome
    ------------------------------