Forum Discussion

Altostratus

May 08, 2017

A way to mitigate CVE-2017-8295

Hello experts, I may be wrong in my approach, but I'm trying to mitigate CVE-2017-8295 by forcing the request to a know fixed host name, (e.g. ). So when another requested host reach my virtual serve...

Cirrocumulus

May 08, 2017

cjunior,

I dont believe this Host Header configuration object works as you believe it should, rather it is a way of telling certain protections of internal/external host names.

Anyway, another option is to create a custom attack signature perhaps? You would want to use the headercontent value to not match the actual host address.

Something like this should work:

headercontent:"Host"; nocase; re2:!"/www.example.com/"; nocase;

See if this helps,

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

A way to mitigate CVE-2017-8295

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

How to configure ssh access by key on F5OS

F5 BIG-IP DNS/Audit Logs — Structured Format for SIEM Ingestion

Bot Defense causing a lot of false positives

Recommendation for Adv. Lab

iRules for recreation: HTTP Protocol Parser implemented using BIG-IP iRule(unfinished)

Related Content

F5 Distributed Cloud L7 DoS Attack Mitigation Roundup

How F5 WAF Mitigates 0-Day CVEs - React2Shell Case Study

F5 Distributed Cloud L3-L7 DDoS Mitigation

Realtime DoS mitigation with VELOS BX520 Blade

Mitigating Log4j Vulnerability using F5 BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS