Technical Forum
Ask questions. Discover Answers.
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner

is changing the value of ecard_max_http_req_uri_len has any risk?


hello everyone,

the value of ecard_max_http_req_uri_len in our ASM is set to the default of 2048, and one of the applications we have got blocked for exceeding the length, so we increase it to 2096 and after some time they got blocked too so we increase it again to 2144, now they are getting blocked again, so I want to increase it more but i'm wondering if it has any security issue, I tried looking for answer but no clear answer, the closest I got was it may consume more resorces from ASM, 

so I need to know if I can increase it without having any issue in security or performance.



Follow this recommendation:

Or even better: Ask the developers how long the requests uri's could be and set the variable accordingly.