414 Request-URI Too Large

http://httpd.apache.org/docs/2.2/mod/core.html#limitrequestline

Description: Limit the size of the HTTP request line that will be accepted from the client
Syntax: LimitRequestLine bytes
Default: LimitRequestLine 8190
Context: server config, virtual host
Status: Core
Module: core

This directive sets the number of bytes that will be allowed on the HTTP request-line.

The LimitRequestLine directive allows the server administrator to set the limit on the allowed size of a client’s HTTP request-line. Since the request-line consists of the HTTP method, URI, and protocol version, the LimitRequestLine directive places a restriction on the length of a request-URI allowed for a request on the server. A server needs this value to be large enough to hold any of its resource names, including any information that might be passed in the query part of a GET request.

This directive gives the server administrator greater control over abnormal client request behavior, which may be useful for avoiding some forms of denial-of-service attacks.

For example:

LimitRequestLine 4094

Under normal conditions, the value should not be changed from the default. Also, you can’t set this higher than 8190 without modifying the source and rebuilding.

Warning

When name-based virtual hosting is used, the value for this directive is taken from the default (first-listed) virtual host for the NameVirtualHost the connection was mapped to.

Leave a Reply

*