Appropriate limit for maxResponseBodySize

johnw · February 25, 2026, 1:26pm

Hi, I recently started getting a lot of warnings in my log for each of the applications I set up forward auth (through Authentik) for.

WRN ForwardAuth 'maxResponseBodySize' is not configured, allowing unlimited response body size which can lead to DoS attacks and memory exhaustion. Please set an appropriate limit

Where do I set this limit? in my traefik config or in authentik? Also what is an ‘appropriate limit’?

Thanks

bluepuma77 · February 25, 2026, 1:30pm

Let me Internet search that for you "traefik maxResponseBodySize":

Traefik ForwardAuth doc

It even contains "Guidelines for Setting maxBodySize"

pacoguzman · March 4, 2026, 10:53am

Guidelines are refering for maxBodySize which is a different attribute

bluepuma77 · March 4, 2026, 4:36pm

True. I guess for maxResponseBodySize there is no real recommendation, My understanding is that ForwardAuth returns the auth service login page. I guess you could try with 1MB (?) and go lower. It will probably mostly depend on the used logo image, if any.

Topic		Replies	Views
Incorrect doc for maxRequestBodyBytes? Traefik v3 (latest) middleware	1	177	December 5, 2024
Setting up maxRequestBodyBytes for dedicated urls / api routes (Docker) Traefik v1 docker	3	2306	July 30, 2019
Increase maximum body size without buffering? Traefik v2 middleware	7	11030	June 16, 2025
Upload size >2GB? Traefik v2 file	6	7781	October 23, 2025
431 Request Header Fields Too Large Traefik v1 kubernetes-ingress	1	4049	June 29, 2021

Appropriate limit for maxResponseBodySize

Related topics