sfw/fix
414 low

414 URI Too Long

The request URL exceeded the server's length limit, usually from oversized query strings or a redirect loop appending parameters.

What you see

414 Request-URI Too Long
The requested URL's length exceeds the capacity limit for this server.

What’s actually happening

A request fails the moment the URL gets long enough — often a search or filter form using GET that packs dozens of fields into the query string. It can also show up mid-redirect when each hop tacks on more parameters until the URL blows past the cap. Short requests to the same endpoint work fine; only the long ones 414. nginx defaults to an 8k buffer for the request line, so you usually need a genuinely huge URL or a loop to hit it.

Common causes

  • A form using method="get" with many fields, so every input lands in the query string and the URL balloons.
  • A redirect chain where each hop appends tracking or state params, growing the URL until it exceeds the limit.
  • A rewrite loop (.htaccess / nginx) re-appending a query param on every internal pass.
  • Encoded data (a base64 blob, a long JWT, a return URL) stuffed into a query parameter instead of the body or a header.
  • A server with a deliberately low limit (nginx large_client_header_buffers, Apache LimitRequestLine) set tighter than the app needs.

How to fix it

  1. Switch the form from GET to POSTIf a search/filter form is generating a massive query string, change method="get" to method="post" so the data travels in the request body, which isn't subject to the URI length cap. Update the server handler to read POST params.
  2. Trim what's in the URLDrop empty/default fields from the query string before submitting, or send only the parameters that changed. Move large blobs (base64, long tokens) out of the URL into the body or a header.
  3. Find and break the redirect/rewrite loopTrace it with curl -sIL https://example.com/path and watch the Location header grow on each hop. If a param keeps reappending, fix the rewrite rule so it doesn't re-append on internal passes (check for a missing terminating condition).
  4. Raise the server limit if the length is legitimatenginx: bump large_client_header_buffers (e.g. 4 16k) and client_header_buffer_size. Apache: raise LimitRequestLine. Only do this when the long URL is genuinely needed — otherwise fix the root cause.

Stop it recurring

Use POST for forms with many or large fields, and keep tokens and blobs in the body rather than the query string.

Related errors

416 Range Not Satisfiable

low

A Range request asked for bytes past the file's actual size, common when resuming a download of a file that changed.

405 Method Not Allowed

medium

The URL exists but the HTTP verb used isn't allowed on that route, most often a POST hitting a GET-only path.

404 Not Found

high

A 404 means the page the visitor requested doesn’t exist at that URL. Here’s why it happens and how to fix it for good.

500 Internal Server Error

critical

A 500 is the server’s way of saying "something broke on my end." Generic by design — here’s how to find the real cause.