Forum Discussion

Altostratus

May 08, 2017

A way to mitigate CVE-2017-8295

Hello experts, I may be wrong in my approach, but I'm trying to mitigate CVE-2017-8295 by forcing the request to a know fixed host name, (e.g. ). So when another requested host reach my virtual serve...

Cirrocumulus

May 08, 2017

cjunior,

I dont believe this Host Header configuration object works as you believe it should, rather it is a way of telling certain protections of internal/external host names.

Anyway, another option is to create a custom attack signature perhaps? You would want to use the headercontent value to not match the actual host address.

Something like this should work:

headercontent:"Host"; nocase; re2:!"/www.example.com/"; nocase;

See if this helps,

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

announcement

Appworld2026

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

A way to mitigate CVE-2017-8295

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

2026 301a exam

F5OS login with admin/root failed via console

UCS Encryption Question

Unblock Request WAF

Related Content

How F5 WAF Mitigates 0-Day CVEs - React2Shell Case Study

F5 Distributed Cloud L3-L7 DDoS Mitigation

Mitigating Log4j Vulnerability using F5 BIG-IP

Realtime DoS mitigation with VELOS BX520 Blade

DNS Tunnel Mitigation v2

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS