414 errors in web server log file
There are not many conditions that will cause this error to be triggered, and the most common issue that occurs on servers investigated is:
* the server is under attack by a client attempting to exploit potential security holes
When mining for data in web server logs one occasionally finds 414 errors, i.e. requests that are just too long indicating that the URI requested by the client is longer than the server is willing to interpret. Despite looking like complete gibberish it does provide insight in attack patterns.
Normally attacks of this kind seem to be running in clueless revisit loops, perhaps whoever wrote the loop believes in the resurrection of cgi-bin or that a sloppy default installation will magically come into existence. As many such attack calls appear to emerge from China a bit of tuning on the Great Firewall of China in order to prevent such cruft running behind causing errors would make a far better use of it.
While such lines are hard to read transforming them into readable test doesn't require much effort. Just search on your favorite search engine for "decode URI" for a list of multiple online tools available for decoding. Copy and paste the URI with all of the percentage values into the box and decode, the decoded text evidently makes the reason of the error obvious.
Applying an appropriate rule in the firewall in front of the web server will reduce the need for the web server to handle such requests, one could argue that CGI today is essentially a dead technology but why if not used would such requests be allowed to hit a server at all. As a precaution, if cgi-bin requests are getting 200 code resoonses from a server and cgi-bin isn't in use... well that is an issue to take care of.