10.10 Configure maxHttpHeaderSize

Information

The maxHttpHeaderSize limits the size of the request and response headers defined in bytes.

Rationale:

Limiting the size of the header request can help protect against Denial of Service (DoS) requests.

Solution

Set maxHttpHeaderSize for each connector in $CATALINA_HOME/conf/server.xml to the appropriate setting.

maxHttpHeaderSize='8192'

Default Value:

The default is 8192 bytes.

See Also

https://workbench.cisecurity.org/files/4107

Item Details

Category: ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|AC-18, 800-53|SC-23, CSCv7|5.1

Plugin: Unix

Control ID: ce6b81b00d455968efe6c0dad2bb809b8f8f97d2f3b3d204d8f1e235a8875e77