On 2011-08-26, at 08:12, Nikolay Kichukov wrote: > Hi, > This one works like charm on my debian stable > > LimitRequestFieldSize 200 > > in the apache2.conf as global directive for all vhosts.
Be cautious about applying this mitigation -- it *will* break applications which use large cookies. In particular, the cookies generated by Google Analytics are often over 200 bytes long alone. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
