To limit the maximum size of a header in HTTP requests

1. In the console tree of ISA Server Management, click Firewall Policy.
2. In the details pane, click the applicable access rule or Web publishing rule.
3. On the Tasks tab, click Edit Selected Rule.
4. On the Traffic tab (for Web publishing rules) or on the Protocols tab (for access rules), click Filtering, and then click Configure HTTP.
5. On the General tab, in Maximum headers length (bytes), type the maximum number of bytes that a request can have in its headers (URL and headers) before it is blocked.

Notes

• To open ISA Server Management, click Start, point to All Programs, point to Microsoft ISA Server, and then click ISA Server Management.
• For ISA Server 2006 Enterprise Edition, expand Microsoft Internet Security and Acceleration Server 2006, expand Arrays, expand Array_Name, and then click Firewall Policy.
• For ISA Server 2006 Standard Edition, expand Microsoft Internet Security and Acceleration Server 2006, expand Server_Name, and then click Firewall Policy.

Important

• This setting is common for all rules to which the HTTP filter is applied.
• The maximum header length of 32768 bytes may be limited by the enterprise policy.
• After you click Apply in the details pane, the policy is updated. The new policy applies only to new connections.

Related Topics

---

Get latest ISA Server content at ISA Server Guidance(http://www.microsoft.com/). Send feedback about this page.

• English-to-Russian translation