Forum Discussion
kaoutar
Cirrus
Apr 12, 2023blocking ZAP tool
Hi All, we noticed recently that some attackers use the ZAP tool to scan our web apps and most of those requests generate some issues, we tried to block these requests using attack signature based o...
Paulius
MVP
Apr 12, 2023kaoutar If you can figure out an HTTP header that is always added for this tool you can block it by searching the HTTP header value and if located the connection is dropped.
kaoutar
Cirrus
Apr 12, 2023Thank you Paulius, Unfortunately the matching key exists only on the payload of the Post request, nothing unusual in the URI or the header
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects