MSZ_221163
Dec 11, 2018Nimbostratus
Host Header Poisoning
Here I am showing some of the Headers from the request. The Host Header contains the MALICIOUS/UNWANTED alphabets before domain name/host name. How it is possible to block such requests on ASM?
GET /abc/test/framework/web*********** HTTP/1.1
Host: dhbwkf.
Cache-Control: no-cache
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.186 Safari/537.36