Server administrators might need to increase or decrease the size of the HTTP Request header field. A server needs this value to be large enough to handle normal client requests. A server administrator might want to avoid certain denial of service attacks by decreasing the size of this value.
The default HTTP Request Header value is 8190 bytes.
Resolving The Problem
The LimitRequestFieldSize directive should be used to increase or decrease the default limit for each field (line) in the request header beyond 8K.
This directive for httpd.conf can be placed in the Global scope (outside of any <Virtual Host> stanzas) or in the <Virtual Host>. If placed in the Global scope it MUST be placed before any <Virtual Host> stanzas as this directive is affected by order of directives in the conf and inheritance.
Required levels of IBM HTTP Server for increasing beyond 8K:
- V8.x all releases
- V7.0 all releases
15 June 2018