LimitRequestFields
LimitRequestFields number
Default: LimitRequestFields 100
Server config
number is an integer from 0 (meaning
unlimited) to 32,767. The default value is defined by the
compile-time constant DEFAULT_LIMIT_REQUEST_FIELDS
(100 as distributed).
The LimitRequestFields directive allows the server
administrator to modify the limit on the number of request header
fields allowed in an HTTP request. A server needs this value to be
larger than the number of fields that a normal client request might
include. The number of request header fields used by a client rarely
exceeds 20, but this may vary among different client implementations,
often depending upon the extent to which a user has configured her
browser to support detailed content negotiation. Optional HTTP
extensions are often expressed using request-header fields.
This directive gives the server administrator greater control over abnormal client-request behavior, which may be useful for avoiding some forms of denial-of-service attacks. The value should be increased if normal clients see an error response from the server that indicates too many fields were sent in the request.