DEFAULT LIMIT
DEFAULT LIMIT
[POLICY] > (Select Domain Group) > [Policy Settings] > DOMAIN POLICY > [DEFAULT LIMIT]
This policy sets the maximum length and count limits for each component (parameter, cookie, URL, etc.) of the HTTP request packet sent by the client to the web server.
By blocking abnormally long requests, you can prevent Buffer Overflow attacks or Denial of Service (DoS) attacks caused by excessive resource consumption.
After changing the settings, you must click the [SAVE] button to apply the policy, and the change history will be recorded in the audit log.
| Item | Description |
|---|---|
| Max Parameter Name Length | Limits the length of the parameter (Key) name transmitted during GET or POST requests. |
| Max Query Length | Limits the total length of the query string (string after ?) appended to the URL. |
| Max Cookie Name Length | Limits the length of the cookie name included in the HTTP header. |
| Max Cookie Value Length | Limits the length of the cookie value. |
| Max Cookie Count | Limits the maximum number of cookies that can be included in a single request header. |
| Max URL Length | Limits the length of the resource path excluding the domain. |
| Max Request Line Length (URL + Query String) |
Limits the length of the entire Request-Line. In DeepFinder, this generally refers to the combined length of the URL (Path) + Query String. |
Note
Understanding Request Line (URL Line) Structure
The Request Line refers to the part of the value entered in the web browser address bar excluding the domain, and consists of the URL (Path) and the Query String.
Example URL: http://kr.news.yahoo.com/service/news/shellview.htm?articleid=2009&linkid=57
* Host: kr.news.yahoo.com
* URL (Path): /service/news/shellview.htm
* Query String: articleid=2009&linkid=57
* Request Line: /service/news/shellview.htm?articleid=2009&linkid=57