System information
Adobe documentation - Confidential
<web-resource-name>POST ONLY SSL</web-resource-name>
<url-pattern>/post/*</url-pattern>
<http-method>POST</http-method>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-constraint>
<display-name>POST ONLY</display-name>
<web-resource-collection>
<web-resource-name>BLOCK NOT POST</web-resource-name>
<url-pattern>/post/*</url-pattern>
<http-method>GET</http-method>
<http-method>HEAD</http-method>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
<http-method>TRACE</http-method>
</web-resource-collection>
<auth-constraint />
</security-constraint>
Limit Request Size
Limiting the size of various elements of the HTTP request can help mitigate denial of service attacks and
other risks.
Consider specifying smaller request size limits by default, and then use larger sizes on URIs where files
are uploaded or very large form submissions occur.
Limit Request Size in IIS
In IIS you can use the Edit Feature Settings dialog in Request Filtering to control the Maximum Allowed
Content Length, Maximum URL Length and Maximum Query String Length.
Limit Request Size in Apache
Apache has several directives that can be used to control the allowed size of the request. Here are a few
directives you should consider setting: LimitRequestBody, LimitXMLRequestBody,
LimitRequestLine, LimitRequestFieldSize, LimitRequestFields.
Adobe documentation - Confidential