Question
- How to increase client request header buffer size, in order to resolve common 400 Bad Request errors?
Answer
This can be achieved by adding directives to Apache and/or Nginx depending on your configuration.
How it Works
-
For Nginx, when a client sends a request line or request header, the directive client_header_buffer_size is used, which allows for header lines or requests to be a maximum of 1024 bytes, by default. This is sufficient for most requests. However, if a request includes long cookies, or comes from a WAP client, it may not fit into 1024 bytes. If a header line or request does not fit into this buffer then the directive large_client_header_buffers is used, which by default is 8190 bytes.
-
For Apache, by default, the directive LimitRequestFieldSize is used to determine the max size of a header lines or request which is 8190 bytes.
- For Apache with Nginx, the request header is first sent to Nginx as it is the reverse proxy, and if you have Smart static files processing enabled as shown in this article, and the page is static, Nginx will skip Apache and send the page straight to the client. Otherwise, if Smart static files processing is disabled, or the client is requesting a dynamic page, the request header will be sent in full to Apache, which will then pass the page back to Nginx to send to the client. This means it will be necessary to increase the value for both Nginx and Apache.
Note: When name-based virtual hosting is used, the value for this directive is taken from the default (first-listed) virtual host that best matches the current IP address and port combination. Plesk uses name-based virtual hosting only. Therefore, if your domain is using Apache, you must apply this globally as you cannot apply it to a single domain alone.The only way around this is to use Nginx-only hosting for the domain in question.
Due to the above note, the preferred solution is the Nginx-Only Hosting option. As applying this globally increases the potential for the server to be affected by DDoS attempts, as it increases the allowed header request size for every domain on the server.
Even if Apache and Nginx are used together, because it's possible to bypass Nginx and reach Apache directly on port 7080 & 7081.
Nginx-Only Hosting (For Single Domain)
- Log into Plesk
-
Following this article, add an Nginx Directive by going to Domains > example.com > Hosting & DNS > Apache & nginx Settings and add the following line to Additional nginx directives, then hit Apply.
large_client_header_buffers 4 16k;
Note: Edit 16k to match the desired request buffer size, keeping in mind that 8k is the default, and that the larger the buffer size the greater the impact from a DDoS attack. Also, in order for this to work you must have Proxy mode disabled for the domain you are applying. Please refer to this article for instructions.
Apache-Only Hosting (For Global)
-
Connect…
with