logan92
Jul 10, 2024

How to allow 405 response code for certain HTTP Header?

Hi,
If we have a certain header that is blocked by response code 405 and we need WAF to allow response code 405 if it sees this header in the request, how can we achieve that in F5?

4 Replies

  • Can you please try with an iRule if possible.

     

    when HTTP_REQUEST {
        if { [HTTP::header exists "X-Special-Header"] } {
            set allow_405 1
        } else {
            set allow_405 0
        }
    }

    when HTTP_RESPONSE {
        if { $allow_405 } {
            if { [HTTP::status] == 405 } {
                # Allow the 405 response if the special header was present in the request
                # Optionally log this event
                log local0. "Allowing 405 response for request with X-Special-Header"
            } else {
                # Reset the allow_405 flag if the response status is not 405
                set allow_405 0
            }
        }
    }

    • logan92

      Hi,
      What is the action for this part? Will it allow the 405 response code if it sees this special header in the request?
      if { [HTTP::status] == 405 } {
                  # Allow the 405 response if the special header was present in the request
                  # Optionally log this event
                  log local0. "Allowing 405 response for request with X-Special-Header"

  • Hi Logan, before setting an action, did you try creating a Blocking Exception:

     https://techdocs.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-implementations-12-1-0/25.html

    &

    Navigate to Security -> Application Security -> Security Policies -> Blocking Settings.

    Add a new blocking exception rule that triggers on the condition where the specific header is present in the request and the response code is 405.

    Configure the Blocking Exception:

     

    Specify the condition to match the specific header (X-Custom-Header in your case) using the appropriate expression language provided by F5 ASM.

    Set the action for this exception to allow the response code 405. You can specify the action to "Allow" or "Log" depending on your security policy requirements.

  • WAF is the best solution rather than a TCL iRule. Find the WAF settings.

    Navigate to Security  ››  Application Security : Security Policies : Policies List ›› Select_WAF_Policy
    General Setting --> Basic HTTP Message Settings -->  SAVE & apply the policy