Forum Discussion
CVE-2021-44228 irule mitigation?
I tried implementing the iRule linked from the AskF5 solution article, but as written it causes my site(s) to throw an HTTP 400 "Bad Request" error.
Anyone else see that behavior? Ideas?
Hi ,
this should not be the case. Unless the iRule matches the pattern of the attack, it does not alter the request going to the backend servers.
Can you compare the requests sent to the backend servers with and without the iRule? Using tools like tcpdump, wireshark or just from the log of the backend servers? Can you spot any differences in the HTTP Requests?
KR
Daniel
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com