I installed the mod_security version 2.5.13 with apache2 and I'm facing problem with SecResponseBodyLimit: ( ModSecurity: Output filter: Response body too large (over limit of 524288, total not specified))
and my question is: what is the impact of increasing the SecResponseBodyLimit from default value (512k) to (5M) ?
It means that anything over that limit will be rejected with a 500-Internal Server Error code.
To change what it does when it hits that error the SecResponseBodyLimitAction directive affects that.
By default, ModSecurity will reject a response body that is longer than specified. Some web sites, however, will produce very long responses, making it difficult to come up with a reasonable limit.
Reject causes the 500 error, where ProcessPartial allows even long responses to be allowed, but only the first part of long responses will be processed against mod_security.
https://lists.owasp.org/pipermail/owasp-modsecurity-core-rule-set/2011-April/000694.html
