OHS SSL Request LimitRequestFieldSize Directive Ignored and Header Request Size Unknown
(Doc ID 2391162.1)
Last updated on AUGUST 03, 2023
Applies to:
Oracle HTTP Server - Version 12.2.1.2.0 and laterLinux x86-64
Symptoms
OHS ssl.conf LimitRequestFieldSize directive configured to set the number of bytes allowed for HTTP request headers to be larger than the default, 8190 bytes, for SSL requests.
However, the $DOMAIN_HOME/servers/<ohs name>/logs/access_log shows HTTP status 400 (Bad Request) errors.
The access_log does not capture the request header size sent; therefore, it is unclear if LimitRequestFieldSize limit is exceeded, and it is not known to how to test LimitRequestFieldSize.
Changes
OHS ssl.conf edited to include LimitRequestFieldSize.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
References |