414 Request-URI Too Long

The HTTP 414 status code indicates that a server refuses to process a request because the URI is too long.

This error might occur for several reasons:

• when the POST request was (incorrectly) converted to the GET request, creating a large query string
• infinite redirects keep expanding the URL on each redirect
• a malicious user is trying to DoS a server by sending a long URL

While HTTP 1.1 spec doesn’t mandate any hard limits concerning the URI length, most browsers set the limit to a few thousand characters.

Overwhelmingly, this happens when someone misuses GET requests to send form data encoded in a large query string. In such instances, it’s better to stick to POST requests unless you have a very good reason not to. Most web servers do allow you to increase the default limit if you want to accommodate such use cases.

Apache

You can increase the maximum allowed URI length in Apache by tweaking the LimitRequestLine directive. By default, Apache accepts URIs up to 8190 bytes.

LimitRequestLine 128000

Keep in mind that this directive must be defined before loading virtual hosts, which means it should be placed at the top of your config file.

Nginx

If your nginx error logs contain the message client sent too long URI while reading client request line, it means the request URI has exceeded the allowed limit.

In nginx, the maximum allowed URI length is defined by the large_client_header_buffers directive, which consists of two values: number and size of buffers. It defaults to 4 8k, which means Nginx caps each request line to 8 kilobytes.

large_client_header_buffers 4 128K;

If you still get 414 responses from Nginx, keep increasing the buffer size (the second part, 16K in the above example). Don’t forget to reload/restart your server each time you change a config.

Trivia

Due to backward compatibility requirements, Apple platforms (macOS and iOS) can accept URIs up to 2 gigabytes in size.