diff --git a/src/http/modules/ngx_http_limit_zone_module.c b/src/http/modules/ngx_http_limit_zone_module.c
index 1ec99cc9b..abab4ad11 100644
--- a/src/http/modules/ngx_http_limit_zone_module.c
+++ b/src/http/modules/ngx_http_limit_zone_module.c
@@ -131,10 +131,22 @@ ngx_http_limit_zone_handler(ngx_http_request_t *r)
         return NGX_DECLINED;
     }
 
-    r->main->limit_zone_set = 1;
-
     len = vv->len;
 
+    if (len == 0) {
+        return NGX_DECLINED;
+    }
+
+    if (len > 255) {
+        ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+                      "the value of the \"%V\" variable "
+                      "is more than 255 bytes: \"%V\"",
+                      &ctx->var, vv);
+        return NGX_DECLINED;
+    }
+
+    r->main->limit_zone_set = 1;
+
     hash = ngx_crc32_short(vv->data, len);
 
     cln = ngx_pool_cleanup_add(r->pool, sizeof(ngx_http_limit_zone_cleanup_t));
@@ -419,6 +431,12 @@ ngx_http_limit_conn(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
         return NGX_CONF_ERROR;
     }
 
+    if (n > 65535) {
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                           "connection limit must be less 65536");
+        return NGX_CONF_ERROR;
+    }
+
     lzcf->conn = n;
 
     return NGX_CONF_OK;