Remove From My Forums

The request filtering module is configured to deny a request where the query string is too long.

Question
0

Sign in to vote
User521171331 posted

Hi,

I wonder why after I add this code in my web.config,

<authorization>
<allow users="admin" />
<deny users="?"/>
</authorization>

I got these error mesg below:

HTTP Error 404.15 - Not Found

The request filtering module is configured to deny a request where the query string is too long.

<fieldset>
Most likely causes:

Request filtering is configured on the Web server to deny the request because the query string is too long.
</fieldset>
Sunday, August 21, 2016 4:03 AM

Answers

0

Sign in to vote
User-707554951 posted

Hi ngaisteve1,

From your description, I suppose perhaps the issue is related that when an unauthorized request comes in, the entire request is URL encoded, and added as a query string to the request to the authorization form, So, query string exceed maximum querystring size. So, I suggest you could increase the maximum querystring size by setting the maxQueryString attribute on the requestLimits element in the system.webServer/security/requestFiltering configuration section in your application’s web.config.

<system.webServer> <security> <requestFiltering> <requestLimits maxQueryString="32768"/> </requestFiltering> </security> </system.webServer> <httpRuntime maxQueryStringLength="32768" maxUrlLength="65536"/>

For more information about error 404.15, you could refer to the link below:

http://www.iis.net/ConfigReference/system.webServer/security/requestFiltering/requestLimits

https://msdn.microsoft.com/en-us/library/e1f13641(v=vs.100).aspx

Hope this can help you. If you have any question and confusion about the problem. Please don't hesitate to let me know.

Best regards
Cathy
- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Monday, August 22, 2016 12:39 PM