This request limit setting of Request Filtering checks the length of the normalized URL Path; including the initial forward slash ("/"). IIS will log the value of this request in the cs-uri-stem field.
If the length exceeds what is set for maxUrl an HTTP 404 is returned to the client and IIS logs an HTTP 404.14.
STIG recommends a value of 4096 or less (https://stigviewer.com/stig/iis_8.5_site/2019-01-08/finding/V-76817).
URL encoding may substitute the parentheses (round brackets) in "file(copy).html" with %28 and %29.
http://mvc.contoso.com/folder/file%28copy%29.html
IIS normalizes the URL encoding. With each character being a single byte, the minimum value to allow this request is maxUrl = 23
http://mvc.contoso.com/folder/file(copy).html
This option is best for websites with static content (e.g. .html, .js, .css, .jpg). Logparser is used to parse the content directory and return a list of proposed cs-uri-stem requests with the calculated length.
File System is used for this script. See File System vs. IIS Logs in the FAQ for details.
Below is an example LogParser query to be used and explanation as to what it does.
--lp_query_maxUrl_FS.sql--
SELECT
Path AS FilePath,
REPLACE_CHR(file-cs-uri-stem,'\\','/') AS PROPOSED-cs-uri-stem,
STRLEN(PROPOSED-cs-uri-stem) AS maxUrl
USING
REPLACE_STR(Path, '\\server.contoso.com\www.contoso.com', '') as file-cs-uri-stem
INTO D:\WorkingFolder\lp_results_maxUrl_FS.csv
FROM \\server.contoso.com\www.contoso.com\*
WHERE
Path NOT LIKE '%\\aspnet_client%' AND
Path NOT LIKE '%.config' AND
Path NOT LIKE '%.dll' AND
Path NOT LIKE '%.cs' AND
Path NOT LIKE '%\\..' AND
Path NOT LIKE '%\\.'
ORDER BY maxUrl DESC
--lp_query_maxUrl_FS.sql--Selects the path of the file/folder. Replaces any backslash with a forwardslash from file-cs-uri-stem to create PROPOSED-cs-uri-stem. The length of PROPOSED-cs-uri-stem is calculated for maxUrl.
SELECT
Path AS FilePath,
REPLACE_CHR(file-cs-uri-stem,'\\','/') AS PROPOSED-cs-uri-stem,
STRLEN(PROPOSED-cs-uri-stem) AS maxUrlRemoves the base content directory to create file-cs-uri-stem.
USING
REPLACE_STR(Path, '\\server.contoso.com\www.contoso.com', '') as file-cs-uri-stemWhere results will be stored.
INTO D:\WorkingFolder\lp_results_maxUrl_FS.csvLocation of website content directory.
FROM \\server.contoso.com\www.contoso.com\*This WHERE clause removes common files/folders that will not be requested. Update as necessary.
WHERE
Path NOT LIKE '%\\aspnet_client%' AND
Path NOT LIKE '%.config' AND
Path NOT LIKE '%.dll' AND
Path NOT LIKE '%.cs' AND
Path NOT LIKE '%\\..' AND
Path NOT LIKE '%\\.'Order by maxUrl with the longest first.
ORDER BY maxUrl DESCThe PowerShell Module launches the following command.
LogParser.exe -stats:OFF -q:ON -i:FS -preserveLastAccTime:ON -o:CSV file:D:\WorkingFolder\lp_query_maxUrl_FS.sql
Start with the first entry (i.e. largest maxUrl value) in the results file (lp_results_maxUrl-FS.csv). Verify PROPOSED-cs-uri-stem would be a valid client request. Recall that a valid cs-uri-stem must begin with a forward slash (/). Move down the list until the first valid request is identified, then compare that maxUrl value with the one derived from IIS logs (lp_results_maxUrl_IIS.csv) and use the longest value for this setting.