Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

lmiestc_26212's avatar
lmiestc_26212
Icon for Cirrus rankCirrus
Feb 05, 2010

Logging HTTP header that is longer than the maximum allowed

Hi Community,     Recently after an upgrade of our Portal I started to see occasional entries in the /var/log/ltm about   HTTP header (32800) exceeded maximum allowed size of 32768 and...
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Dec 19, 2011
It seems that this message isn't about the size of one single header, but the size of the full request header, including http command ("GET /... HTTP/1.1") and http headers.

 

 

Exactly. The HTTP profile setting is the max size for the HTTP headers combined including the request line.

 

 

It's easy to allow logging something for these requests : just increase "Maximum Header Size" in http profile, but at this point, I don't know if it's possible to access the request header size.

 

 

Well, it's easy to increase the max headers size, but you can still get requests with a larger header size than you've seen before/configured to be allowed. So it's not so easy to guarantee that you can log the max size you could receive.

 

 

Aaron

Recent Discussions