Buffer Overflow and Request Size Limits
Buffer Overflow and Request Size Limits
Reduce the risk of buffer overflow and oversized-request attacks by setting explicit request size limits and timeouts:
# Nginx request size limits, client timeouts and per-location overrides
http {
    # --- Request size limits -------------------------------------------
    # These bound the memory and disk one request can consume. They are
    # resource-exhaustion controls and do not replace patching nginx itself.
    client_max_body_size        10M;   # default cap; larger bodies are rejected with 413
    client_body_buffer_size     1K;    # bodies above this size are written to a temporary file
    client_header_buffer_size   1k;
    # NOTE(review): 2 x 1k is tight. A request line that does not fit one
    # buffer is answered with 414 and an oversized header field with 400, so
    # long cookies or URLs will be rejected. Verify against real traffic.
    large_client_header_buffers 2 1k;

    # --- Client timeouts (seconds) -------------------------------------
    # client_header_timeout bounds reading the whole request header.
    # client_body_timeout and send_timeout apply between two successive
    # read/write operations, so they do not cap total transfer time.
    client_header_timeout 10s;
    client_body_timeout   10s;
    send_timeout          10s;
    keepalive_timeout     5s 5s;       # second value is sent in the Keep-Alive response header

    # --- Information disclosure ----------------------------------------
    # Omit the nginx version from error pages and the Server header.
    server_tokens off;

    server {
        # Upload endpoint: raises the body cap above the http-level default.
        # Prefix match, so this also covers paths such as /uploads.
        location /upload {
            client_max_body_size    50M;
            client_body_buffer_size 128k;

            # Reject anything not declared as multipart/form-data.
            # The Content-Type header is client-supplied, so this is only a
            # coarse filter; the backend must still validate what it receives.
            # The check runs for every method, so requests without a
            # multipart content type (GET included) also receive 415.
            if ($content_type !~ "^multipart/form-data") {
                return 415;
            }

            # Stream the body to the backend as it arrives instead of
            # buffering it in nginx first. The backend is then exposed to
            # slow and partial uploads and needs its own size and time limits.
            # NOTE(review): the upload_backend upstream is not defined in this snippet.
            proxy_request_buffering off;
            proxy_pass http://upload_backend;
        }

        # API endpoint: tighter body cap than the http-level default.
        # Prefix match, so this also covers any path that begins with /api.
        location /api {
            client_max_body_size 1M;

            # Allow only the listed methods (GET implicitly allows HEAD);
            # every other method is denied with 403.
            limit_except GET POST PUT DELETE {
                deny all;
            }
            # NOTE(review): no proxy_pass or other handler is shown for this location.
        }
    }
}