LimitRequestFieldsize
LimitRequestFieldsize bytes
Default: LimitRequestFieldsize 8190
Server config
This directive specifies the number of
bytes
from 0 to the value of the
compile-time constant
DEFAULT_LIMIT_REQUEST_FIELDSIZE
(8,190 as
distributed) that will be allowed in an HTTP request header.
The LimitRequestFieldsize
directive allows the
server administrator to reduce the limit on the allowed size of an
HTTP request-header field below the normal input buffer size compiled
with the server. A server needs this value to be large enough to hold
any one header field from a normal client request. The size of a
normal request-header field will vary greatly among different client
implementations, often depending upon the extent to which a user has
configured his browser to support detailed content negotiation.
This directive gives the server administrator greater control over abnormal client-request behavior, which may be useful for avoiding some forms of denial-of-service attacks. Under normal conditions, the value should not be changed from the default.