{"id":29342,"date":"2026-03-10T11:40:21","date_gmt":"2026-03-10T10:40:21","guid":{"rendered":"https:\/\/contabo.com\/blog\/?p=29342"},"modified":"2026-03-24T11:49:12","modified_gmt":"2026-03-24T10:49:12","slug":"http-error-431-request-header-fields-too-large","status":"publish","type":"post","link":"https:\/\/contabo.com\/blog\/http-error-431-request-header-fields-too-large\/","title":{"rendered":"HTTP Error 431: How to Diagnose and Fix It"},"content":{"rendered":"\n

You’re visiting a site \u2014 or running one \u2014 and instead of content, the browser returns a bare error page with no explanation. HTTP error 431 is one of the quieter HTTP status codes, but it has a clear cause and a short list of fixes.<\/p>\n\n\n\n

Unlike server-side 5xx errors, 431 is a client-side response. The server received your request just fine. It read the headers, decided they were too large to process, and refused. Here’s how to get past it.<\/p>\n\n\n\n

What Is HTTP Error 431?<\/h2>\n\n\n\n

HTTP 431 \u2014 formally ‘Request Header Fields Too Large’ \u2014 is the server’s way of saying it won’t process a request because the HTTP headers attached to it exceed its configured size limit.<\/p>\n\n\n\n

Every HTTP request carries headers: metadata like cookies, the referrer URL, content type, authorization tokens, and any custom fields the browser or application adds. There’s no universal maximum defined in the HTTP specification, but individual servers set their own limits for security and performance reasons.<\/p>\n\n\n\n

When the total header payload \u2014 or a single oversized field \u2014 crosses that threshold, the server returns 431 instead of the requested content. The browser usually shows something unhelpful like ‘This page isn’t working’ with no further context.<\/p>\n\n\n\n

Field<\/strong><\/td>Details<\/strong><\/td><\/tr>
Error code<\/strong><\/td>HTTP 431<\/td><\/tr>
Error type<\/strong><\/td>Client-side<\/td><\/tr>
Variations<\/strong><\/td>Request Header Fields Too Large \/ This page isn’t working<\/td><\/tr>
Primary causes<\/strong><\/td>Too many cookies, long referrer URL, oversized custom request headers<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

The error is a client-side issue in the sense that the fix often requires changes on the requester’s side \u2014 clearing cookies, trimming URLs \u2014 but site owners may also need to adjust server configuration to raise the limit.<\/p>\n\n\n\n

Fix 1: Clear Your Browser Cookies<\/h2>\n\n\n\n

Cookies are the most common culprit. Every cookie stored for a domain gets attached to every request header sent to that domain. If a site has accumulated dozens of cookies over multiple visits \u2014 session tokens, analytics identifiers, A\/B test flags, ad tracking \u2014 the cumulative header size can easily exceed server limits.<\/p>\n\n\n\n

Clearing cookies resets the request headers to a minimal, clean state.<\/p>\n\n\n\n

Clear all cookies in Chrome<\/h3>\n\n\n\n
    \n
  • Click the three-dot menu and select More tools > Clear browsing data, or press Ctrl+Shift+Del.<\/li>\n\n\n\n
  • Set Time range to All time.<\/li>\n\n\n\n
  • Check Cookies and other site data.<\/li>\n\n\n\n
  • Click Clear data.<\/li>\n<\/ul>\n\n\n\n

    This logs you out of all sites. Save any passwords or use a password manager before doing this.<\/p>\n\n\n\n

    Clear cookies for a specific site only<\/h3>\n\n\n\n
      \n
    • Go to Settings > Privacy and security > Cookies and other site data.<\/li>\n\n\n\n
    • Click See all cookies and site data.<\/li>\n\n\n\n
    • Search for the domain in the Search cookies field.<\/li>\n\n\n\n
    • Click the trash icon or Remove All Shown.<\/li>\n<\/ul>\n\n\n\n

      This targets just the problematic domain and leaves other site sessions intact. It’s the better approach when you only get the 431 request header fields too large error on one particular site.<\/p>\n\n\n\n

      Going forward, browsers accumulate cookies silently. If you use sites with heavy personalization or advertising, cookie buildup is fast. Clearing them periodically prevents the error from recurring.<\/p>\n\n\n\n

      Fix 2: Shorten the Referrer URL<\/h2>\n\n\n\n

      The HTTP Referer header tells the destination server which page you came from. When you click a link with extensive UTM parameters or tracking strings attached, that entire URL lands in the request header.<\/p>\n\n\n\n

      A URL like \/page?utm_source=newsletter&utm_medium=email&utm_campaign=spring2025&utm_content=button_top&utm_term=discount&fbclid=AbCdEfGh&gclid=XyZ123… can push a single header field past the server’s per-field size limit on its own.<\/p>\n\n\n\n

      Quick fix for visitors<\/h3>\n\n\n\n

      Strip the query string from the URL in your browser’s address bar \u2014 delete everything from the question mark onward \u2014 and reload. This removes the referrer parameter data from the request. It’s temporary and only affects that page load.<\/p>\n\n\n\n

      Fix for site owners<\/h3>\n\n\n\n

      Reduce the number of URL parameters in your tracking links. The fewer parameters in the referrer URL, the smaller the header.<\/p>\n\n\n\n

        \n
      • Use Google’s Campaign URL Builder to generate minimal tracking URLs with only the parameters your analytics actually requires.<\/li>\n\n\n\n
      • Audit which UTM parameters you’re actively using in reports. Remove any that aren’t.<\/li>\n\n\n\n
      • On WordPress, plugins like URL Params let you control which query parameters are kept or stripped.<\/li>\n<\/ul>\n\n\n\n

        A referrer URL that’s under 200 characters won’t trigger a 431. Most server header field limits start at 4KB or 8KB per field \u2014 a long UTM chain can get close.<\/p>\n\n\n\n

        Fix 3: Increase the Server Header Size Limit<\/h2>\n\n\n\n

        If clearing cookies and trimming URLs doesn’t resolve the error, the server’s header size limit is simply set too low for the application’s requirements. This is common in development environments, Node.js applications, and servers handling API requests with large authentication headers or JWT tokens.<\/p>\n\n\n\n

        This fix requires server access or a conversation with your hosting provider.<\/p>\n\n\n\n

        Apache<\/h3>\n\n\n\n

        Add or modify the LimitRequestFieldSize directive in your Apache configuration or .htaccess:<\/p>\n\n\n\n

        LimitRequestFieldSize 16384<\/code><\/pre>\n\n\n\n
        The default is 8190 bytes. Adjust to match your actual header requirements.<\/p>\n\n\n\n
        Nginx<\/h3>\n\n\n\n
        Set the large_client_header_buffers directive in your nginx.conf:<\/p>\n\n\n\n
        large_client_header_buffers 4 16k;<\/code><\/pre>\n\n\n\n
        Node.js \/ Express<\/h3>\n\n\n\n
        When starting a Node.js HTTP server, pass the maxHeaderSize option:<\/p>\n\n\n\n
        const server = http.createServer({ maxHeaderSize: 16384 }, app);<\/code><\/pre>\n\n\n\n
        The default in Node.js is 8KB (8192 bytes). Applications using large JWT tokens or OAuth headers often need this raised.<\/p>\n\n\n\n
        If you don’t have direct server access, contact your hosting provider’s support team with the specific error and your server stack. They can adjust the limit at the server level. The http header size limit setting varies by software, but most support raising it without performance impact.<\/p>\n\n\n\n
        How to Prevent HTTP 431 Errors<\/h2>\n\n\n\n
        Three things keep 431 errors away long-term:<\/p>\n\n\n\n
          \n
        • Set appropriate server header limits from the start.<\/strong> When configuring a new application or API, size the header buffer to match real-world token and cookie sizes rather than relying on defaults built for simpler request patterns.<\/li>\n\n\n\n
        • Keep cookies lean.<\/strong> Don’t store more data in cookies than you need. Session identifiers should be short tokens, not full user objects. Regularly audit and purge cookies that are no longer required by the application.<\/li>\n\n\n\n
        • Minimize URL parameters.<\/strong> Use canonical, minimal tracking URLs. Consolidate UTM parameters into as few fields as your analytics requires. If a parameter isn’t in your reports, it’s adding header weight for no reason.<\/li>\n<\/ul>\n\n\n\n
          If you’re seeing this error on a site you don’t control and the basic visitor fixes don’t work, the server’s header limit is too restrictive for typical usage. Report it to the site owner with the specific error code and the browser you’re using.<\/p>\n\n\n\n
          HTTP 431 Error FAQs<\/h2>\n\n\n\n
          What exactly causes HTTP error 431? <\/strong> 
          The server received an HTTP request where the total header size, or a single header field, exceeded the server’s configured maximum. The most common triggers are large cookie collections, long referrer URLs with tracking parameters, and oversized authentication headers such as JWTs.<\/p> <\/div> 
          Does error 431 mean my site is down?<\/strong> 
          Not necessarily. Other visitors may load the site fine if their headers are smaller \u2014 fewer cookies, shorter referrer chains. Run a check using an online ‘is it down for everyone’ tool. If the site loads from other connections, the issue is on your end.<\/p> <\/div> 
          How do I fix 431 if I’m not the site owner?<\/strong> 
          Clear all cookies for the domain, strip query parameters from the URL, and try a different browser or incognito window. If none of those work, contact the site owner \u2014 the server’s header limit may need to be raised.<\/p> <\/div> 
          What are the consequences of the 431 error? <\/strong> 
          The server rejects the request entirely. For visitors, that means the page doesn’t load. For applications, it can mean failed API calls, broken authentication flows, or incomplete form submissions. Nothing is processed on the server side when 431 fires.<\/p> <\/div> <\/div>\n","protected":false},"excerpt":{"rendered":"
          You’re visiting a site \u2014 or running one \u2014 and instead of content, the browser returns a bare error page with no explanation. HTTP error 431 is one of the quieter HTTP status codes, but it has a clear cause and a short list of fixes. Unlike server-side 5xx errors, 431 is a client-side response. […]<\/p>\n","protected":false},"author":44,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"_uag_custom_page_level_css":"","site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[18],"tags":[],"ppma_author":[3402],"class_list":["post-29342","post","type-post","status-publish","format-standard","hentry","category-tutorials"],"uagb_featured_image_src":{"full":false,"thumbnail":false,"medium":false,"medium_large":false,"large":false,"1536x1536":false,"2048x2048":false},"uagb_author_info":{"display_name":"Milan Ivanovic","author_link":"https:\/\/contabo.com\/blog\/author\/milan\/"},"uagb_comment_info":0,"uagb_excerpt":"You’re visiting a site \u2014 or running one \u2014 and instead of content, the browser returns a bare error page with no explanation. HTTP error 431 is one of the quieter HTTP status codes, but it has a clear cause and a short list of fixes. Unlike server-side 5xx errors, 431 is a client-side response.…","authors":[{"term_id":3402,"user_id":0,"is_guest":1,"slug":"contabro","display_name":"ContaBro","avatar_url":"https:\/\/secure.gravatar.com\/avatar\/?s=96&d=mm&r=g","0":null,"1":"","2":"","3":"","4":"","5":"","6":"","7":"","8":""}],"_links":{"self":[{"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/posts\/29342","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/users\/44"}],"replies":[{"embeddable":true,"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/comments?post=29342"}],"version-history":[{"count":2,"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/posts\/29342\/revisions"}],"predecessor-version":[{"id":29346,"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/posts\/29342\/revisions\/29346"}],"wp:attachment":[{"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/media?parent=29342"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/categories?post=29342"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/tags?post=29342"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/contabo.com\/blog\/wp-json\/wp\/v2\/ppma_author?post=29342"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}