Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +3 person also asked this people also asked this
  • Locked Locked
  • Replies 24 replies
  • Subscribers 33 subscribers
  • Views 17157 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Having Problems with WAF with Nextcloud behind it. Error: "413 Request Entity too large"

Dwayne Parker

Hi,

 

I am using a Nextcloud behind a XG with WAF enabled. This worked until version 18 of XG. Now I am getting 413 Request Enitity too large Errors as soon as I am enabling "Common threat filter", Antivirus or Cookie Signing in the Protection Policy.

The WebServerProtection Log's in XG are showing the requests as allowed, but with HTTP Status Code 413. In the Logs of the server, there's nothing found.

Could someone advise me how to fix this?

 

P.S. After some research, I've read in the Nextcloud Forums that if a NGINX Reverseproxy is used, the configuration key "client_max_body_size" has to be set to a higher value.



This thread was automatically locked due to age.
  • 0

    XG WAF does not support WebDAV.

    In v18 we updated the ModSecurity and OWASP rules, and it's likely that this tightening of security has impacted on the previously working configuration, however we did not support WebDAV in versions earlier than v18, and we still do not.

     

    Regards,

    Stuart 

  • 0 in reply to J_87586

    Does Sophos XG 17.5 support WebDAV behind the WAF component?

    SH> NO WAF does not support WebDAV

    Does Sophos XG 18 support WebDAV behind the WAF component?

    SH> NO WAF does not support WebDAV

    If not, is their a plan to support WebDAV in the WAF within the next 6 months?

    SH> No there is no plan to support WebDAV

  • 0 in reply to PMStuart

    Hi Stuart,

    we also have many customers who rely on WebDAV, just for clouds and collaboration platforms. In general, WAF of XG firewall is still very much in its infancy. Here XG makes us look old as a partner. To execute any database commands that are overwritten after a config update and bring the system to a halt again is nonsense. We even lost customers to Fortinet, because a functioning WAF simply had priority. I respect your release cycles and know that other features have priority. Nevertheless there should be more possibilities to override the internal WAF settings. There should be some kind of expert mode where new internal settings can be enabled, but the admin will be warned that this could compromise the security of the system.

    Best regards

    Intrusus
    Sophos Certified Engineer | Sophos Certified Technician

    private lab:
    XG firewall with SFOS 18.0.3 MR-3
    Intercept X Advanced (for Server) with EDR EAP latest
    If a post solves your question use the 'Verify Answer' link

  • 0 in reply to intrusus

    Hi.  I'm supposed to ask Dwayne Parker if he got this working.  I want to use Nextcloud behind WAF, so that I'm protected.  But no idea how to do this.  I no longer see him in name completion.  Any other people in this thread using Nextcloud behind WAF?  I can setup Nextcloud in docker containers.

Unfiltered HTML