Description

This event is not caused by the rules, ASL or modsecurity. This rule simply reports when apache reports a critical error with a request. Specifically, this error is generated by apache when a URI is too long. Apache sets a limit on URIs of 8192 characters. Any request over this limit will be rejected by Apache.

This rule does not cause this error, therefore disabling this rule will not prevent apache from rejecting these requests, nor will it prevent apache from reporting these errors. This is just a reporting rule that reports when apache has rejected the request. The rule does not cause this event, it simply reports it.

Troubleshooting

False Positives

None.

Tuning Guidance

Please contact your Apache vendor for assistance with increasing URI limits. In general, it is recommended by web server vendors that you use POST requests and HTTP bodies for large requests, and not large GET request URIs.

Additional Information

Similar Rules

None.

Knowledge Base Articles

None.

Outside References

None.

Notes