Request Header Too Large
Production Risk
Medium — if clients routinely hit 494 it indicates header bloat, usually from accumulated cookies.
494 Request Header Too Large is an nginx-specific code returned when the client's request headers exceed nginx's configured buffer size. It is a precursor to the standard 431, used internally by nginx before the 431 code was standardised.
- 1The request contains too many cookies, resulting in an oversized Cookie header.
- 2The Authorization header contains a very large JWT or API key.
- 3Many custom headers are included in the request.
- 4nginx's large_client_header_buffers is set too small for the application's header usage.
A web app accumulates many cookies over time; eventually the Cookie header exceeds nginx's buffer limit.
GET /dashboard HTTP/1.1 Host: example.com Cookie: session=...; pref=...; analytics=...; ... (very long)
expected output
HTTP/1.1 494 Request Header Too Large
Fix 1
Increase nginx header buffer size
WHEN Headers are legitimately large for your application.
# nginx.conf
http {
large_client_header_buffers 4 32k;
}Why this works
Allocates larger buffers for incoming request headers, accommodating larger values.
Fix 2
Reduce cookie size
WHEN Excessive cookies are the cause.
# Clear non-essential cookies from the client # Or move session data server-side and use a small session ID cookie
Why this works
Reduces the size of the Cookie header to within nginx's default limits.
✕ Do not set large_client_header_buffers excessively large
Each buffer is allocated per connection; very large buffers waste memory under high concurrency.
nginx-specific. Equivalent to the standardised 431. nginx also returns 431 in some versions.
Content generated with AI assistance and reviewed for accuracy. Found an error? hello@errcodes.dev