Difference between revisions of "HIDS 30117"
m (→Description) |
m (→Tuning Guidance) |
||
| Line 23: | Line 23: | ||
== Tuning Guidance == | == Tuning Guidance == | ||
| − | Please contact your Apache vendor for assistance with increasing URI limits. In general, it is recommended by web server vendors that you use POST requests and HTTP bodies for large requests, and not large GET request URIs. | + | Please contact your Apache vendor for assistance with increasing URI limits. In general, it is recommended by web server vendors that you use POST requests and HTTP bodies for large requests, and not use large GET request URIs. |
| − | + | ''' | |
| − | The information provided below is provide as a courtesy. If you have issues with increasing the URI limit in Apache, please contact your Apache vendor. | + | The information provided below is provide as a courtesy for our customers.''' If you have issues with increasing the URI limit in Apache, please contact your Apache vendor. |
To increase the limit in Apache, you can change the LimitRequestLine variable to a larger number, as documented in the Apache configuration documentation for Apache 2.2 at the URL below: | To increase the limit in Apache, you can change the LimitRequestLine variable to a larger number, as documented in the Apache configuration documentation for Apache 2.2 at the URL below: | ||
Revision as of 18:01, 25 November 2012
| Rule 30117 | |
|---|---|
| Status | Active |
| Alert Message | Invalid URI, file name too long. |
Contents |
Description
This event is not caused by the rules, ASL or modsecurity. This rule simply reports when apache reports a critical error with a request. Specifically, this error is generated by apache when a URI exceeds the limit set in Apache. By default, Apache sets a limit on URIs of 8192 characters. Any request over this limit will be rejected by Apache.
Please see the Tuning Guidance below for assistance with changing this limit in Apache.
This rule does not cause this error, therefore disabling this rule will not prevent apache from rejecting these requests, nor will it prevent apache from reporting these errors. This is just a reporting rule that reports when apache has rejected the request. The rule does not cause this event, it simply reports it.
Troubleshooting
False Positives
None.
Tuning Guidance
Please contact your Apache vendor for assistance with increasing URI limits. In general, it is recommended by web server vendors that you use POST requests and HTTP bodies for large requests, and not use large GET request URIs. The information provided below is provide as a courtesy for our customers. If you have issues with increasing the URI limit in Apache, please contact your Apache vendor.
To increase the limit in Apache, you can change the LimitRequestLine variable to a larger number, as documented in the Apache configuration documentation for Apache 2.2 at the URL below:
https://httpd.apache.org/docs/2.2/mod/core.html#limitrequestline
And for Apache 2.4 at the URL below:
https://httpd.apache.org/docs/2.4/mod/core.html#limitrequestline
Additional Information
Similar Rules
None.
Knowledge Base Articles
None.
Outside References
None.
