Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(LimitRequestFieldSize): Set request header field size to 16kb. #8

Merged
merged 1 commit into from
Jun 2, 2021
Merged

feat(LimitRequestFieldSize): Set request header field size to 16kb. #8

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 17 additions & 0 deletions httpd.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -121,6 +121,23 @@ ServerAdmin root@localhost
#
DocumentRoot "/var/www/html"

#
# LimitRequestFieldSize: This directive specifies the number of bytes that
# will be allowed in an HTTP request header. The LimitRequestFieldSize
# directive allows the server administrator to set the limit on the allowed
# size of an HTTP request header field. A server needs this value to be large
# enough to hold any one header field from a normal client request. The size
# of a normal request header field will vary greatly among different client
# implementations, often depending upon the extent to which a user has
# configured their browser to support detailed content negotiation. SPNEGO
# authentication headers can be up to 12392 bytes.
#
# This directive gives the server administrator greater control over abnormal
# client request behavior, which may be useful for avoiding some forms of
# denial-of-service attacks.
#
LimitRequestFieldSize 16384

#
# Relax access to content within /var/www.
#
Expand Down