NGINX Reverse Proxy : Many html status code 400 responses, why?

Question

We have recently implemented a nginx based reverse proxy.

While, debugging our access logs, we are seeing quite a bit of status code 400 results.

They look somet

Answer 1

First, it's fairly possible that your clients send request with really big http headers or urls. Maybe an older version of your application set some (probably big) cookies which are unused now and some clients are still trying send them back.

I'd set the header buffers to a really big value and on the application side log the size of the headers/requests and the complete request if they are bigger than usual. Or completely take out the nginx from the chain and log the header/request with the same conditions. If you can, take out the nginx for only those IPs/subnets where the 400 errors came from. I suppose nginx can log the source IP for these 400 errors.