Search Our Database

How to Fix “413 Content Too Large” Error in DirectAdmin (ModSecurity)

Last updated on |
under
Applications and Software, Content Management System, DirectAdmin
|
by

Introduction

On DirectAdmin servers, a 413 Content Too Large error may occur when users attempt to upload files or save large posts/pages in applications like WordPress.
This issue is commonly triggered by ModSecurity request body limits, not PHP’s upload/post size or Apache itself.

By default, ModSecurity sets a very low SecRequestBodyNoFilesLimit (128 KB), which can block large JSON requests (e.g., WordPress post data).
This guide will walk you through adjusting the ModSecurity limits to resolve the issue.

Symptoms

  • WordPress returns 413 Content Too Large or Content Too Large.

  • Apache error log shows entries like:

    ModSecurity: Request body no files data length is larger than the configured limit (131072).

  • File uploads may succeed, but saving large pages/posts fails.

Prerequisites

  • SSH root access to the server

  • DirectAdmin with Apache/ModSecurity enabled

 

Step-by-Step Guide

Step 1: Locate the ModSecurity Config

The main ModSecurity config on DirectAdmin servers is usually found at:

/etc/httpd/conf/extra/httpd-modsecurity.conf

 

Step 2: Increase the Request Body Limits

Open the config file:

nano /etc/httpd/conf/extra/httpd-modsecurity.conf

Locate the following directives and update them to higher values (e.g., 256 MB):

SecRequestBodyLimit 268435456 
SecRequestBodyNoFilesLimit 268435456 
SecRequestBodyInMemoryLimit 268435456

Tips 🖊️: Values are in bytes.

  • 268435456 = 256 MB
  • If you prefer a smaller but safe value, use 33554432 (32 MB).

 

Step 3: Restart Apache

Apply the changes:

systemctl restart httpd

Step 4: (Optional) Apply Per-Domain Override

If you only want to raise the limits for a specific domain (e.g., yourdomain.com.my), create or edit:

/usr/local/directadmin/data/users/USERNAME/domains/DOMAIN.COM.cust_httpd

Add:

<IfModule mod_security2.c>
    SecRequestBodyLimit 268435456
    SecRequestBodyNoFilesLimit 268435456
    SecRequestBodyInMemoryLimit 268435456
</IfModule>

Rebuild configs and restart:

cd /usr/local/directadmin/custombuild 
./build rewrite_confs systemctl restart httpd

Verification

  1. Reproduce the request (upload file or save WordPress page).

  2. Confirm that the 413 Content Too Large error no longer appears.

  3. Check Apache logs for any new ModSecurity blocks.

 

Conclusion

The 413 Content Too Large error on DirectAdmin servers is often caused by ModSecurity’s low request body limits rather than PHP settings.
By increasing the SecRequestBodyLimit and SecRequestBodyNoFilesLimit, large post data and uploads can be handled without issues.

For security, avoid setting values excessively high unless necessary. A balanced default (e.g., 32 MB) is usually sufficient, but WordPress page builders may require larger values. Should you have any inquiries about the guidelines, please feel free to open a ticket through your portal account or contact us at support@ipserverone.com. We’ll be happy to assist you further.

Related Article

Related Posts