github-starred/pangolin
2
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-05-21 17:20:36 -05:00
Code Issues 959 Packages Projects Releases 74 Wiki Activity

[GH-ISSUE #1106] Bug: Expand maxmimum upload size #1767

New Issue
Closed
opened 2026-04-16 08:34:44 -05:00 by GiteaMirror · 5 comments
GiteaMirror commented 2026-04-16 08:34:44 -05:00
Owner
Copy Link

Originally created by @MorganKryze on GitHub (Jul 21, 2025).
Original GitHub issue: https://github.com/fosrl/pangolin/issues/1106

TLDR

Trying to upload files through a service, everything above 10Mb returns me 403 Forbidden.

Situation & steps

VPS setup:

  • Pangolin v1.7.3 (crowdsec v1.6.10, traefik v3.4.4)
  • Filebrowser v2.40.2

From my laptop, when trying to upload files under (around) 10Mb, everything works correctly.
Above (around) 10Mb, the file(s) try to upload in a cycle of one to three times, then crashes. The file(s) is not uploaded, or some are if multiple files.

Leads

Filebrowser is a service I am used to, and I knwo for sure that it can handle more than 10Mb transfers.

My assumption is that Crowdsec is responsible for this issue. The size of the packet outranges a maximum set somewhere, then with multiple tries, flag my ip and ban it for 4h (default) with a 403 Forbidden error.

This is an extract of a repetitive log message i get from the crowdsec instance whenever I try to upload a large file.

crowdsec  | time="2025-07-21T22:59:28Z" level=warning msg="Disrupting transaction with body size above the configured limit (Action Reject)" band=outband chain_rule_id=749632433 name=myAppSecComponent runner_uuid=faefd14f-c*****************7fc9ede6c tx_id=d1c1621d-3****************9080e7d7ef type=appsec

I guess that there should be a setting somewhere to change this maximum value, but cannot find it up until now.

I may be clumsy, if you need any more information about the config or the logs... feel free to ask!
Thanks for the help :) Fantastic tool btw

Originally created by @MorganKryze on GitHub (Jul 21, 2025). Original GitHub issue: https://github.com/fosrl/pangolin/issues/1106 ## TLDR Trying to upload files through a service, everything above `10Mb` returns me `403 Forbidden`. ## Situation & steps VPS setup: - Pangolin v1.7.3 (crowdsec v1.6.10, traefik v3.4.4) - Filebrowser v2.40.2 From my laptop, when trying to upload files under (around) `10Mb`, everything works correctly. Above (around) `10Mb`, the file(s) try to upload in a cycle of one to three times, then crashes. The file(s) is not uploaded, or some are if multiple files. ## Leads Filebrowser is a service I am used to, and I knwo for sure that it can handle more than 10Mb transfers. My assumption is that Crowdsec is responsible for this issue. The size of the packet outranges *a* maximum set somewhere, then with multiple tries, flag my ip and ban it for 4h (default) with a `403 Forbidden error`. This is an extract of a repetitive log message i get from the crowdsec instance whenever I try to upload a large file. ```plain crowdsec | time="2025-07-21T22:59:28Z" level=warning msg="Disrupting transaction with body size above the configured limit (Action Reject)" band=outband chain_rule_id=749632433 name=myAppSecComponent runner_uuid=faefd14f-c*****************7fc9ede6c tx_id=d1c1621d-3****************9080e7d7ef type=appsec ``` I guess that there should be a setting somewhere to change this maximum value, but cannot find it up until now. I may be clumsy, if you need any more information about the config or the logs... feel free to ask! Thanks for the help :) Fantastic tool btw
GiteaMirror commented 2026-04-16 08:34:46 -05:00
Author
Owner
Copy Link

@oschwartz10612 commented on GitHub (Jul 22, 2025):

Hi! Yes this is a crowdsec issue. I think it has a 10MB limit on appsec. Check out the following:

https://docs.crowdsec.net/docs/next/configuration/crowdsec_configuration/
https://app.crowdsec.net/hub/author/maxlerebourg/remediation-components/crowdsec-bouncer-traefik-plugin

I think you would want to play with increasing the CrowdsecAppsecBodyLimit value. https://github.com/fosrl/pangolin/pull/515/files

<!-- gh-comment-id:3104023106 --> @oschwartz10612 commented on GitHub (Jul 22, 2025): Hi! Yes this is a crowdsec issue. I think it has a 10MB limit on appsec. Check out the following: https://docs.crowdsec.net/docs/next/configuration/crowdsec_configuration/ https://app.crowdsec.net/hub/author/maxlerebourg/remediation-components/crowdsec-bouncer-traefik-plugin I think you would want to play with increasing the CrowdsecAppsecBodyLimit value. https://github.com/fosrl/pangolin/pull/515/files
GiteaMirror commented 2026-04-16 08:34:46 -05:00
Author
Owner
Copy Link

@MorganKryze commented on GitHub (Jul 22, 2025):

Hi!
Thank you for the quick response

  • I tried to tweak with the crowdsecAppsecBodyLimit: 10485760 value, ranging up to 100GB, restarting Traefik, crowdsec or the entire stack or even the VPS did not change a thing.
  • Following your first links, I tried to upgrade the traefik bouncer plugin from 1.4.2 to 1.4.4 (latest). No results.

On thing from https://app.crowdsec.net/hub/author/maxlerebourg/remediation-components/crowdsec-bouncer-traefik-plugin that I might understand is that CrowdsecAppsecBodyLimit is indeed limiting the traffic going to crowdsec, so putting it to a high/very high value would do the job, but it's not the case for me.

CrowdsecAppsecBodyLimit:
- int64
- default: 10485760 (= 10MB)
- Transmit only the first number of bytes to Crowdsec Appsec Server.

I may have missed something on my end

<!-- gh-comment-id:3105088908 --> @MorganKryze commented on GitHub (Jul 22, 2025): Hi! Thank you for the quick response - I tried to tweak with the `crowdsecAppsecBodyLimit: 10485760` value, ranging up to 100GB, restarting Traefik, crowdsec or the entire stack or even the VPS did not change a thing. - Following your first links, I tried to upgrade the traefik bouncer plugin from 1.4.2 to 1.4.4 (latest). No results. On thing from <https://app.crowdsec.net/hub/author/maxlerebourg/remediation-components/crowdsec-bouncer-traefik-plugin> that I might understand is that `CrowdsecAppsecBodyLimit` is indeed limiting the traffic going to crowdsec, so putting it to a high/very high value would do the job, but it's not the case for me. ```plain CrowdsecAppsecBodyLimit: - int64 - default: 10485760 (= 10MB) - Transmit only the first number of bytes to Crowdsec Appsec Server. ``` I may have missed something on my end
GiteaMirror commented 2026-04-16 08:34:47 -05:00
Author
Owner
Copy Link

@MorganKryze commented on GitHub (Jul 28, 2025):

Does anyone has encountered this issue and has found leads or solution to solve this subject?

Thanks,

<!-- gh-comment-id:3127032022 --> @MorganKryze commented on GitHub (Jul 28, 2025): Does anyone has encountered this issue and has found leads or solution to solve this subject? Thanks,
GiteaMirror commented 2026-04-16 08:34:47 -05:00
Author
Owner
Copy Link

@oschwartz10612 commented on GitHub (Jul 28, 2025):

Hum it seems like maybe its not pulling in the value correctly or something. I also note we did up the value in the default config as well. Could you give a post on discord? I think some people there have some more Crowdsec experience that could help.

<!-- gh-comment-id:3128401366 --> @oschwartz10612 commented on GitHub (Jul 28, 2025): Hum it seems like maybe its not pulling in the value correctly or something. I also note we did up the value in the default config as well. Could you give a post on discord? I think some people there have some more Crowdsec experience that could help.
GiteaMirror commented 2026-04-16 08:34:48 -05:00
Author
Owner
Copy Link

@MorganKryze commented on GitHub (Jul 29, 2025):

I was writing my post on discord when I deepen the research and found this exact comment: https://github.com/fosrl/pangolin/issues/436#issuecomment-2797924344

These steps did solve my issue. I was fully able to upload 154 Mo, 554 Mo files.

  • Updating crowdsec-bouncer-traefik-plugin to 1.4.2 / 1.4.4
  • Setting back CrowdsecAppsecBodyLimit value to the default 10485760
  • Restarting

If anyone has more information on why setting it back to its default value may change anything, I'm interested!

<!-- gh-comment-id:3133166430 --> @MorganKryze commented on GitHub (Jul 29, 2025): I was writing my post on discord when I deepen the research and found this exact comment: https://github.com/fosrl/pangolin/issues/436#issuecomment-2797924344 These steps did solve my issue. I was fully able to upload 154 Mo, 554 Mo files. - Updating `crowdsec-bouncer-traefik-plugin` to 1.4.2 / 1.4.4 - Setting back `CrowdsecAppsecBodyLimit` value to the default `10485760` - Restarting If anyone has more information on why setting it back to its default value may change anything, I'm interested!
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
api
authentication
bug
config
dependencies
docker
documentation
enhancement
good first issue
help wanted
Improvement
Look Into
needs investigating
networking
new feature
non-critical bug
potential bug
pull-request
Mirrored from GitHub Pull Request
 question
reverse proxy
Security
stale
ui
wontfix
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/pangolin#1767
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?