diff --git a/docker/nginx/dist/conf/tpotweb.conf b/docker/nginx/dist/conf/tpotweb.conf
index 384fe6ea..24e346ab 100644
--- a/docker/nginx/dist/conf/tpotweb.conf
+++ b/docker/nginx/dist/conf/tpotweb.conf
@@ -47,9 +47,12 @@ server {
     client_header_buffer_size 1k;
     client_max_body_size 2M;
     
-    ### Changed from OWASP defaults
-    ### To suit Kibana (long ajax uris) breaking 1024
-    ### Still keeping it very true to 1k
+    ### Changed from OWASP recommendations: "2 1k" to "2 1280" (So 1.2k)
+    ### When you pass though potentially another reverse proxy/load balancer
+    ### in front of tpotce you can introduce more headers than normal and
+    ### therefore you can exceed the allowed header buffer of 1k.
+    ### An 280 extra bytes seems to be working for most use-cases.
+    ### And still keeping it close to OWASP's recommendation.
     large_client_header_buffers 2 1280;
 
     ### Mitigate Slow HHTP DoS Attack