Nginx Server Errors
Nginx 400 Bad Request
Bad Request — Nginx rejected the request due to malformed syntax or an oversized header
What 400 Means
The 400 error on the Nginx Server Errors indicates bad request — nginx rejected the request due to malformed syntax or an oversized header. This typically occurs due to oversized request header or cookie exceeding nginx client_header_buffer_size.
Nginx returns 400 before proxying the request to an upstream. Common causes are large headers or invalid request lines that Nginx rejects at the server level rather than the application level.
Technical Background
Nginx validates request syntax and header sizes before forwarding to upstream services. When a request fails these checks, Nginx returns 400 immediately without involving the backend.
Nginx has a default client_header_buffer_size of 1KB. Requests with large session cookies or authorization tokens can overflow this buffer, causing Nginx to reject the request before it reaches the upstream application.
Common Causes
- Oversized request header or cookie exceeding Nginx client_header_buffer_size
- Malformed URL encoding or invalid characters in the request URI
- HTTP/2 protocol violation sent to an HTTP/1.1-only Nginx endpoint
Typical Scenarios
- Browser with accumulated large cookies exceeding Nginx header buffer limits
- API client sending a malformed JSON body with an invalid Content-Type header
- Reverse proxy receiving requests with non-standard HTTP methods from certain clients
What to Know
A 400 from Nginx is a server-level rejection occurring before the request reaches the upstream application. The Nginx error log contains the specific rejection reason, distinguishing buffer overflow from malformed request line issues.
Frequently Asked Questions
Common questions about Nginx 400 error
Nginx has a default client_header_buffer_size of 1KB. When cookies or auth headers exceed this limit, Nginx rejects the request with 400. Increasing large_client_header_buffers resolves this.