Not long ago, it was discovered that some Web sites are vulnerable
to a kind of attack in which executable code is sent to the Web page
through the HTTP request buffer. In response to this threat,
Microsoft introduced a new IIS registry key, MaxClientRequestBuffer.
In IIS4, the default maximum size of the request buffer is 2MB, while
in IIS5, it has shrunk to 128KB. If you wish to increase (not
recommended) or decrease the size of the buffer, simply navigate to
the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\w3svc\parameters
Then edit the MaxClientRequestBuffer key. If this key doesn't exist,
add it, and set its data type to REG_DWORD. Then, in the DWORD Editor,
select Decimal under Radix, and then enter the number of bytes for
the buffer.
Limit the HTTP request buffer
By ElementK Journals, published on 14 Jul 2001
| Filed in
You might also like...
IIS forum discussion
-
Problem viewing IIS website locally
by ep1 (0 replies)
-
How to fix Mozilla thunderbird password recovery?
by ajexmartin (0 replies)
-
Invitation to take part in an academic research study
by researchlab (0 replies)
-
How to insert & edit unique value using store procedure
by umeshdaiya (0 replies)
-
How to troubleshoot Epson laser printer?
by daisywyatt618 (0 replies)
IIS podcasts
-
Hanselminutes: Startup Series: Buying an Existing Small Company or Online Application
Published 8 years ago, running time 0h34m
Scott talks to Rob Walling about how he purchases small niche products and companies online and revitalizes them. He recently purchased an existing product that consisted of a 300 gig database and tens of thousands of lines of Classic ASP. How did he know it was valuable? What's next?
Comments