Forum Discussion
ASM policy not blocking invalid host headers
I've been trying to limit access to a specific hostname. I've added the desired host name in Security/Application/Headers/Host Names. The policy is enforcing (e.g. GeoIP blocking is working), but it still allows other host names. The log shows the entries with the unwanted host header.
Any tips? Is there something else I need to turn on?
- uni
Altostratus
I also removed "HEAD" from the Methods list, but can still use HEAD.
This is v13.1.0.2
- René_Geile
Cirrus
Hi,
You always need two parts for ASM features:
- Configure the feature (i.e. define valid Host Headers, define valid methods)
- Configure Blocking/Learning/Alerting for the violations of the features.
See Security : Application Security : Policy Building : Learning and Blocking Settings
Section "HTTP Compliance": Enable blocking. Enable all host header related subitems in this section. (Bad Host Header value, Host header contains an IP address...)
Section "headers" : Enable "blocking" for violation "illegal methods"
- Karim
Cirrostratus
Hi
I just wanted to add that as far as I know, defining hostnames in "Headers -> Host Names" only allows you to set the policy in Transparent mode for those specific host names.
It is not used to block traffic that is destined to those host names. There are no violations saying 'invalid host name'.
Many thanks,
karim