Dealing with Nginx 400 Bad Request HTTP errors

Today I'll write about something I experienced personally, on my websites.
Some visitors reported that they were randomly getting a "400 Bad Request" Nginx error when visiting pages. Once they start getting that error, they can't access the site anymore: it returns the same error no matter the page, until they "clear their cache and cookies".

The error is easily understandable and is likely to be caused by... too much cookie data.
Every time a visitor loads *any* page/content/file of your website, the browser sends the cookie data to the server.
Cookie data is sent in the form of a single header line starting with "Cookie: ".

Basically, Nginx by default is configured to accept header lines of a maximum size of 4 kilobytes.
When a line in the headers exceeds 4 kilobytes, Nginx returns the '400 Bad Request' error.
Cookie data sometimes gets big, so it causes the error. It particularly happens on forums like vBulletin, Invision and others.
So why does it happen only for some web browsers (Firefox, Chrome...) and not others? Because those browsers do not limit the amount of data a cookie may store. Or maybe they do, but the limit is higher than the default 4k of Nginx. Other browsers limit the amount of cookie data so they do not have the issue.

There is a simple fix for that. The large_client_header_buffers directive of Nginx allows you to define the size of the buffers that will contain large headers like those big fat cookies.

The directive specifies the number of buffers and the size of each buffer. You basically need to increase the size.
In your http block (or your server block, if you want to apply the setting at the virtual host level), insert this directive with a size larger than 4k (actually the default size can be 8k depending on your system, so let's make it... 16k):

http {
   [...]
   large_client_header_buffers 4 16k;
   [...]
}

Save your configuration, reload nginx by running /usr/local/nginx/sbin/nginx -s reload and it should now be fine. If you ever get the "400 Bad Request" again, you could either increase this value once more or look into the code and see why cookies get so big.
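
To see why cookies get so big before raising the value again, the sketch below (an added example, not part of the original post) checks each header line of a captured request against one buffer size and ranks the cookies by size. The request, host name and cookie names are constructed, and comparing the line length including CRLF with the buffer size is an approximation of Nginx's check.

```python
# Added example: which header line overflows one large_client_header_buffers
# buffer, and which cookie is responsible. All sample data is constructed.

def parse_size(value):
    """Convert an nginx size such as '16k' or '1m' to bytes."""
    units = {"k": 1024, "m": 1024 * 1024}
    value = value.strip().lower()
    if value[-1] in units:
        return int(value[:-1]) * units[value[-1]]
    return int(value)

def oversized_headers(raw_request, buffer_size):
    """Return [(header_name, line_bytes)] for lines longer than one buffer."""
    limit = parse_size(buffer_size)
    head = raw_request.split("\r\n\r\n", 1)[0]
    result = []
    for line in head.split("\r\n")[1:]:           # [1:] skips the request line
        length = len(line.encode("latin-1")) + 2  # +2 for the trailing CRLF
        if length > limit:
            result.append((line.split(":", 1)[0], length))
    return result

def cookie_breakdown(raw_request):
    """Return [(cookie_name, bytes)] for the Cookie header, largest first."""
    sizes = []
    for line in raw_request.split("\r\n"):
        if line.lower().startswith("cookie:"):
            for pair in line.split(":", 1)[1].split(";"):
                pair = pair.strip()
                name = pair.partition("=")[0]
                if name:
                    sizes.append((name, len(pair.encode("latin-1"))))
    return sorted(sizes, key=lambda item: item[1], reverse=True)

# Constructed request: a forum-style cookie that tracks read threads.
SAMPLE_REQUEST = (
    "GET /forum/index.php HTTP/1.1\r\n"
    "Host: forum.example.com\r\n"
    "Cookie: session=abc123; forum_read=" + "1234-" * 1000 + "; lang=en\r\n"
    "\r\n"
)

if __name__ == "__main__":
    for size in ("4k", "16k"):
        print(size, oversized_headers(SAMPLE_REQUEST, size))
    print(cookie_breakdown(SAMPLE_REQUEST)[:3])
```

If one cookie accounts for most of the line, trimming it in the application addresses the cause, while a larger buffer size only moves the limit.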
