411 - Length Required error

james67 · February 6, 2025, 8:58pm

What is the name of the domain?

procurepm.com

What is the error number?

411

What is the error message?

Length Required - HTTP Error 411. The request must be chunked or have a content length.

What is the issue you’re encountering

Requests to our server are being rejected before hitting our server by Cloudflare with HTTP 411

What steps have you taken to resolve the issue?

Posting a topic on the Cloudflare community forum

What are the steps to reproduce the issue?

When we POST requests to our server (or libraries such as SignalR do), they will often POST all the data need in the URL. When this happens, there is no content posted and some libraries do not post a content-length HTTP header.

This was never a problem until a few weeks ago when we began getting intermittent errors (1 out of every 500-1,000 requests) that returned a 411. We checked and our server never received these requests and concluded that they must be rejected by Cloudflare. Cloudflare explicitly states (here: 4xx Client Error · Cloudflare Support docs) that "Cloudflare does not generate 411 for customer websites, we only proxy the request from the origin server. ", but this is manifestly untrue.

Over the last couple of days, this has now starting happening MUCH more often as they are clearly rolling out whatever configuration issue causes this to more and more of their nodes.

Laudian · February 6, 2025, 9:30pm

According to the headers, the 411 is coming from your origin (cf-cache-status: DYNAMIC):

curl -si -X POST https://procurepm.com
HTTP/2 411
date: Thu, 06 Feb 2025 21:19:40 GMT
content-type: text/html; charset=us-ascii
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=syJ1rMW9fo8rRmK%2BeGxD2sVBVgYhKkMCdm9vWr0xdU042zmDXxhu1cxf3Uc%2BG0dQOCd4P6y46iL2bt%2Fcw%2Fq9xQW1znYRCzAb%2BnSbH9pP04uSuUWhZZ0xpwetakjY5NZKiuetW%2BIe8%2F3V5X7J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains; preload
server: cloudflare
cf-ray: 90de2e032c3b6651-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=27821&min_rtt=27805&rtt_var=5894&sent=7&recv=9&lost=0&retrans=0&sent_bytes=3410&recv_bytes=775&delivery_rate=145242&cwnd=253&unsent_bytes=0&cid=4eecc4cc363c24ff&ts=472&x=0"

If it doesn’t show up in the server logs, do you have anything before the server? Reverse proxy, http firewall, something like that?

james67 · February 6, 2025, 9:33pm

We have a standard Azure Virtual Machine. We have changed no configurations on it in the past 2 months and we have no reverse proxies, HTTP firewalls or the like.

james67 · February 6, 2025, 10:05pm

Turns out http.sys is rejecting the request before it gets to IIS. No idea why it started a few weeks ago, nor why it got worse this week.

It’s especially annoying b/c the IIS logs do not contain the request. But they DO show up in C:\Windows\System32\LogFiles\HTTPERR

Now I have to debug this IIS ■■■■, but for any readers out there - know the problem isn’t cloudflare.

system · February 21, 2025, 8:58pm

This topic was automatically closed after 15 days. New replies are no longer allowed.

Topic		Replies	Views
Cloudflare randomly stripping content-length header on POST if body=<empty> Website, Application, Performance	14	176	March 14, 2025
Community Tip - Fixing 4XX errors Tutorial CommunityTip	0	11331	March 14, 2019
Cloudflare adding wrong Content-Length to some users Website, Application, Performance	1	1704	February 2, 2023
"Content-Length: 20" on "204 no content" set by cloudflare proxy Website, Application, Performance	2	2556	February 11, 2023
Content-Length 100 GiB (107374182400 bytes) restriction General	11	1548	July 10, 2022