Dear all,
I would like to inquire about the registry parameter (MaxFieldLength-MaxRequest
Bytes). Currently we have a very large SharePoint farm of 8 servers. Some users of remote locations throws the error "Bad Request - header is too long. "
Currently we have set the following values:
MaxFieldLength: 65534
MaxRequestBytes: 65534
But some users may receive this error because they belong to many groups and to get the kerberos ticket I believe it is long. The tech people told me that the value (MaxRequestBytes) can not be increased without affecting the infrastructure. I would like to understand why and how it can affect specifically.
I was reading this article:
http://support.microsoft.com/kb/2020943
The first request falls into Http.sys, so if you enlarge the size of the header that can be reached, it would be easier to kill the server by sending many large requests (Requests headers large) ... you understand?
There is more vulnerable the Http.sys, but the infrastructure that would come larger headers ... so mark it in bold, because much will depend on how you calculate it for the header ... it is best to take the header of the friends of Indonesia and see what is the maximum you header is coming, and on that basis to the maximum, ie, be as restrictive as possible.
Anyway, I recommend that you analyze the log of the server HTTPERR and see if they are well identified any IP they receive that message (in the field s-reason), because of having different IPs to those of Indonesia, without a cause "explained, "is to take care of making this change.