Forum Discussion

smalex's avatar
smalex
Icon for Altostratus rankAltostratus
Jun 11, 2019

ASM- Bad HTTP version

We have implemented ASM last day and many requests are blocked stating: Bad HTTP version. Version is 1.1 but still its blocked. What might be the reason. Please Guide.

application delivery
ASM Advanced WAF
Security
  • Kevin_Davies's avatar
    Kevin_Davies
    Icon for MVP rankMVP
    Jun 11, 2019

    ASM will allow HTTP version 1.1. If you're getting bad version then you need to delve into the headers. If you can paste an example here then we can possibly tell you where things are wrong. After you paste, make sure to hit TAB as this will format it as code.

  • smalex's avatar
    smalex
    Icon for Altostratus rankAltostratus
    Jun 11, 2019

    GET /sherya/wps/contenthandler/!ut/p/digest!oHOwO7o4KqyDRa6fZ4MVyg/searchfeed/search?queryLang=en_US&date=1&index=RemoteEJBSearchService::/opt/IBM/WebSphere/wp_profile/PortalServer/collections/HAD_FAQ_en&query=HAD License exams&pageSize=300 HTTP/1.1

     

  • Kevin_Davies's avatar
    Kevin_Davies
    Icon for MVP rankMVP
    Jun 11, 2019

    This is not a valid URL. No wonder ASM is flagging it.

     

    "...HAD_FAQ_en&query=HAD License exams&p..."

     

    You can't have spaces in a URL. Its likely thinking "License" is the HTTP version.

    • smalex's avatar
      smalex
      Icon for Altostratus rankAltostratus
      Jun 11, 2019

      Thank you for the reply. But Without ASM in place these were working. Shouldn't it have been blocked?

      • Kevin_Davies's avatar
        Kevin_Davies
        Icon for MVP rankMVP
        Jun 11, 2019

        What is there to block it? Firewalls never see the URL in a SSL session, only the application sees the final request and it will either accept it or it won't. The request is definitely outside the spec for HTTP. ASM will never pass this kind of request as it fails protocol compliance. One of the very reasons Application Security Manager was designed to address.