Increasing cookie size limit in nginx and apache

[isscbta]

This guide explains how to increase the buffer size for URL + cookies accepted by the server in incoming http/https requests.
This is done by modifying the relevant configurations in Nginx and Apache. Below is a step-by-step guide to making these changes.

---

Nginx Configuration
By default, Nginx limits the size of request headers, which affects how large cookies can be. To increase this limit, edit the nginx.conf file and adjust the `large_client_header_buffers` setting.

Steps:
1. Open the Nginx configuration file:

Code: Select all

sudo mcedit /etc/nginx/nginx.conf

2. Find and modify (or add) the following line:

Code: Select all

large_client_header_buffers     8   16k;

This increases the buffer size, allowing larger headers.

3. Alternatively, you can use `sed` to automate the change:

Code: Select all

sudo sed -i "s#large_client_header_buffers.*#large_client_header_buffers     8   16k;#g" /etc/nginx/nginx.conf

4. Restart Nginx to apply changes:

Code: Select all

sudo systemctl restart nginx

---

Apache Configuration
For Apache, the relevant setting is `LimitRequestFieldSize`, which controls the maximum size of an HTTP request header field.

Steps:
1. Open the Apache configuration file:

Code: Select all

sudo mcedit /etc/apache2/apache2.conf

2. Add or modify the following line:

Code: Select all

LimitRequestFieldSize 16380

If the directive already exists, update its value. If not, add it at the end of the file.

3. Alternatively, you can automate this using:

Code: Select all

sudo sed -i '/LimitRequestFieldSize/d' /etc/apache2/apache2.conf
sudo echo "LimitRequestFieldSize 16380" >> /etc/apache2/apache2.conf

4. Restart Apache to apply the changes:

Code: Select all

sudo systemctl restart apache2