10.11 Configure maxHttpHeaderSize

Information

The maxHttpHeaderSize attribute limits the size of the HTTP request and response headers. The value is specified in bytes.

Rationale:

Limiting the size of request headers can help protect against Denial of Service (DoS) attacks.

Solution

Set maxHttpHeaderSize for each connector in $CATALINA_HOME/conf/server.xml to the appropriate setting.

maxHttpHeaderSize='8192'

Default Value:

By default this is set to 8192.
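
One way to check this setting across all connectors, as an added example that is not part of the benchmark or the audit plugin. The function name, the sample server.xml and the pass/fail policy (attribute set explicitly, to a positive integer no larger than 8192) are assumptions made for illustration.

```python
import sys
import xml.etree.ElementTree as ET

# Constructed sample server.xml content (not from a real deployment).
SAMPLE_SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" maxHttpHeaderSize="8192"/>
    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"/>
    <Connector port="8081" protocol="HTTP/1.1" maxHttpHeaderSize="65536"/>
    <Connector port="8082" protocol="HTTP/1.1" maxHttpHeaderSize="8k"/>
    <Engine name="Catalina" defaultHost="localhost"/>
  </Service>
</Server>
"""


def audit_connectors(server_xml, limit=8192):
    """Return (port, status, detail) for every <Connector> element.

    Assumed policy: maxHttpHeaderSize must be present on the connector
    and must be a positive integer that does not exceed `limit` bytes.
    """
    results = []
    root = ET.fromstring(server_xml)
    for conn in root.iter("Connector"):
        port = conn.get("port", "?")
        raw = conn.get("maxHttpHeaderSize")
        if raw is None:
            # Tomcat falls back to its default; the value is not pinned.
            results.append((port, "FAIL", "maxHttpHeaderSize not set"))
            continue
        try:
            size = int(raw.strip())
        except ValueError:
            # Catches unit suffixes and unresolved ${property} values.
            results.append((port, "FAIL", f"not an integer: {raw!r}"))
            continue
        if size <= 0:
            results.append((port, "FAIL", f"non-positive value: {size}"))
        elif size > limit:
            results.append((port, "FAIL", f"{size} exceeds {limit}"))
        else:
            results.append((port, "PASS", f"{size} bytes"))
    return results


if __name__ == "__main__":
    # Pass the path to $CATALINA_HOME/conf/server.xml, or run on the sample.
    text = open(sys.argv[1], encoding="utf-8").read() if len(sys.argv) > 1 else SAMPLE_SERVER_XML
    for port, status, detail in audit_connectors(text):
        print(f"connector port={port}: {status} ({detail})")
```
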

References:

https://tomcat.apache.org/tomcat-8.0-doc/config/http.html

See Also

https://workbench.cisecurity.org/files/2506

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6, CSCv7|5.1

Plugin: Unix

Control ID: 932e64ca6fb1ae1c9ea27675e685b502ffe7f9c14fbdf9b44700ab2fb4ab8cee