Forum Discussion

Nimbostratus

Sep 07, 2017

Custom Attack Signature to block request with No UA or Referer

I want to be able to check and see if the request is missing both the User-Agent String and the Referer, and possibly block the request. So I know I can do this with an iRule, but I am wanting to tr...

Employee

Sep 21, 2017

Another way to say this is that you want the header to be mandatory. There is a setting under

Security ›› Application Security : Headers : HTTP Headers ›› Edit Header

Mandatory to Enabled will say the header must appear in the request

Forum Discussion

Custom Attack Signature to block request with No UA or Referer

Recent Discussions

how can I find the software version is 32 bit or 64 bit from LTM 15.1.10.4

(How) can I get two client certificates in one APM session?

Open Redirection Mitigation

BIG-IP DNS iRule issue with static variable

Using okta as SSO to login F5 GUI

Related Content

Bot Signature based on the referer header

Cloud Docs - F5OS Technical Reference Materials

Request POST Header Rewrite of Origin and Referer

Support of WAF Signature Staging in F5 Distributed Cloud (XC)

Deploy the NGINX Modern Apps Reference Architecture locally