After updating the Form plugin to v4.0.2 (and Email plugin to v3.0.5 and Grav to 1.6.2), I am no longer able to upload files larger than ~500kb via the GUI.
The Max Filesize on Plugin: Form is set to use the system default (which is 64M). However, even changing the Max Filesize doesn’t allow larger files.
Everything was working prior the updates.
Any suggestions how to troubleshoot?
Here is how to error appears (larger image on left):
Update: I tested uploading files on backup copies of my site (prior to updating Form, Email, and Grav) – and got a similar error:
Thus, it looks like the issue is with the server and not the updates.
Any thoughts on where to start diagnosing this?
The failing image has a whitespace in its filename. Please rename and retry.
If that fails too, have a look in the server’s log files.
Renaming still fails.
Which specific server logs should I look at?
That depends on your server. Common locations are
Thanks again – I think I figured it out.
I found a lot of errors; here are two sample errors:
[Thu Feb 06 03:13:02.541067 2020] [:error] [pid 31022] [client 54.293.245.176:52154] [client 54.293.245.176] ModSecurity: Multipart parsing error: Multipart: Failed to create file: /run/shm/modsec_tmp/20200206-031302-Xjv0voaG08yn1@JgY5rB3wAAAAk-file-eNLcVn [hostname "www.example.com"] [uri "/admin/media/home/_thinking.json/task:addmedia"] [unique_id "Xjv0voaG08yn1@JgY5rB3wAAAAk"], referer: https://www.example.com/admin/pages/home/_thinking
[Thu Feb 06 03:13:02.545312 2020] [:error] [pid 31022] [client 54.293.245.176:52154] [client 54.293.245.176] ModSecurity: Input filter: Failed to create temporary file: /run/shm/modsec_tmp/20200206-031302-Xjv0voaG08yn1@JgY5rB3wAAAAk-request_body-h1mUBZ [hostname "www.example.com"] [uri "/admin/media/home/_thinking.json/task:addmedia"] [unique_id "Xjv0voaG08yn1@JgY5rB3wAAAAk"], referer: https://www.example.com/admin/pages/home/_thinking
After researching mod_security, I tried turning off the “Extra Web Security” feature on Dreamhost and it worked.
ps – Dreamhost responded and said their mod_security was misconfigured. They fixed it and everything works – even with mod_security enabled.
Great! Thanks for the feedback!