Tweak suggestion

I have been applying Cloudflare Access to my infrastructure.
When accessing GL routers, NGINX on router shows HTTP 400 “Request Header Or Cookie Too Large”.
Google-ed it says: https://community.cloudflare.com/t/after-succesful-login-with-access-control-400-error-request-header-or-cookie-too-large/268176

May I suggest to tweak the NGINX configuration for that?

Thanks.

Can you check how big cookies Cloudflare Access is using? Would clearing the browser cookie before accessing or using the InPrivate window solve this problem?

Did you add the client_header_buffer_size parameter to the nginx profile as described in the topic? Does it work?

If it passes an invalid and large cookies, nginx may take a lot of time to process it. This can cause your access to be slowed down.

Just tested on incognito mode.
I am sorry but the problem seems to be not exactly on max-cookie-size.
There is a redirection loop.
May I ask if the built-in Nginx handles HTTP to HTTPS redirection, if URL (instead of IP) is used?
Could I “tail” the access log anywhere?

nginx does not have no redirects. http uses port 80, https uses port 443. Are you accessing port 443?
The Log page contains nginx logs now.

I have changed /etc/nginx/nginx.conf from the default

client_header_buffer_size 1k;

to

client_header_buffer_size 4k;

and it works now.

https://community.cloudflare.com/t/400-bad-request-request-header-or-cookie-too-large-nginx/285870

Thanks.

2 Likes