When attempting to upload files above a certain size, users get a 403 error from the server.
Previously, users would get a 413 error. I increased the value of SecRequestBodyLimit in modsecurity.conf and that cleared the 413 error.
I have tested this with files of various sizes to try to see where the limit is for this error. A file with size 6825789 bytes does not produce a 403 error, but a file of size 6871913 does. (I did a grep search in the mattermost install directory for 68\d{5}, but didn’t find anything where a number of the form 68XXXXX appeared. Also no results in /etc/*)
Same error regardless of using web interface or desktop client.
The response from the POST request that produces the 403 includes:
You don't have permission to access /api/v3/teams/6..e/files/upload
on this server.
The response from a successful upload is a JSON with the filenames and client_ids.
I suspect this is really an issue with how I have apache2 configured, but I can’t seem to find the misconfiguration.
Mattermost version 3.2.0 (Just upgraded. The error existed before upgrading as well.)
Apache/2.4.7 (Ubuntu)
mysql Ver 14.14 Distrib 5.6.31
EDIT: I have a mattermost.conf file in /etc/apache2/sites-enabled which has LimitRequestBody 0 in it.