Category Archives: alerts

Strange HTTP 414 request captured by IDS

My ids is generating so many HTTP 414 requests i.r content Uri is too large, the interesting part is, all these requests are sending from my server to and external IP. I look into Apache and error logs , I couldn't find anything related to 414 status code. even my ids doesn't give much info other than the fallowing info

HTTP/1.1 414 Request-URI Too Large
 Server: Apache/2.2.22 (Debian) PHP/5.4.4-14+deb7u8 mod_ssl/2.2.22 OpenSSL/
 1.0.1e
 Vary: Accept-Encoding
 Content-Type: text/html; charset=iso-8859-1
 Accept-Ranges: bytes
 Date: Thu, 08 Jan 2015 23:02:47 GMT
 X-Varnish: 213113893
 Age: 0
 Via: 1.1 varnish
 Connection: keep-alive
 X-Cache: MISS
 Content-Length: 250

 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
 <html><head>
 <title>414 Request-URI Too Large</title>
 </head><body>
 <h1>Request-URI Too Large</h1>
 <p>The requested URL's length exceeds the capacity
 limit for this server.<br />
 </p>
 </body></html>

I just want know what my server wants to send? Is it a configuration issue?