Help Center/ Web Application Firewall/ User Guide (Kuala Lumpur Region)/ FAQs/ Service Interruption Check/ Why Am I Seeing Error Code 414 Request-URI Too Large?
Updated on 2024-03-14 GMT+08:00

Why Am I Seeing Error Code 414 Request-URI Too Large?

Symptoms

After a protected website is connected to WAF, the website is inaccessible and the error message "414 Request-URI Too Large" is displayed, as shown in Figure 1.

Figure 1 Error Code 414 Request-URI Too Large

Possible Causes

The client browser cannot parse JavaScript. In this situation, the client browser caches the page that contains the JavaScript code returned by WAF. Each time the protected website is requested, the cached page is accessed. WAF then verifies that the access request is from an invalid browser or crawler. The access request verification fails. As a result, an infinite loop occurs, the URI length exceeds the browser limit, and the website becomes inaccessible.

After JavaScript anti-crawler is enabled, WAF returns a piece of JavaScript code to the client when the client sends a request. If the client sends a normal request to the website, triggered by the received JavaScript code, the client will automatically send the request to WAF again. WAF then forwards the request to the origin server. This process is called JavaScript verification. Figure 2 shows how JavaScript verification works.

Figure 2 JavaScript anti-crawler detection process

Handling Suggestions

Disable the JavaScript anti-crawler protection by performing the following steps:

  1. Log in to the management console.
  2. Click in the upper left corner of the management console and select a region or project.
  3. Click in the upper left corner and choose Web Application Firewall under Security.
  4. In the navigation pane on the left, choose Policies.
  5. Click the name of the target policy to go to the protection configuration page.
  6. In the Anti-Crawler configuration area, click Configure Bot Mitigation.
  7. Click the JavaScript tab and disable the JavaScript anti-crawler protection. Its status changes to .