Handling Large Requests (413 Responses)

If large requests are blocked (413 responses) make sure to adjust the limit both for NGINX/Kong and open-appsec

For Kong NGINX


If you encounter 413 responses due to large requests, you need to adjust the request size limits in NGINX. Follow these steps:

  • Refer to NGINX documentation for detailed guidance.

  • Modify the client_max_body_size directive in your NGINX configuration file to increase the maximum allowed request size. For example, you can set it to a larger value like 10M (10 megabytes) or as required by your application.

  • After making the changes, save the configuration and reload NGINX using the appropriate command. This is typically done using sudo systemctl reload nginx.


If you are using Kong as an API gateway and facing 413 errors due to large requests, follow these steps:

  • Refer to the Kong Documentation for specific configuration options.

  • Adjust the allowed_payload_size or other relevant keys in your Kong configuration. Increase the maximum payload size to accommodate your application's needs.

  • Save the configuration changes and restart Kong to apply them.

For open-appsec

In Web UI (Central Management)

  • Log in to the open-appsec Web UI.

  • Navigate to the appropriate Asstet tab and choose the relevant asset.

  • Under Threat Prevention->Advanced adjust these settings to accommodate larger requests and save your changes.

  • Enforce to apply changes

For Declarative management

For Docker and Linux adjust the practice in the local policy file

pageLocal Policy File (Advanced)

For Kubernetes adjust the practice CRD

pageConfiguration Using CRDs

By following these steps, you should be able to resolve issues related to large requests and 413 responses in NGINX, Kong, and open-appsec. Remember to back up your configuration files before making changes, and thoroughly test the adjustments to ensure they meet your application's requirements.

Last updated