Forum Discussion

lorenze's avatar
lorenze
Icon for Altocumulus rankAltocumulus
Aug 22, 2023

HTTP Host Header Injection found at PORT : 80 vulnerability

Hello Everyone,  We are running some security scans against our production environment, and one thing that came back is the result flagging HTTP Host Header Injection found at PORT : 80. HTTP...
security
lorenze's avatar
lorenze
Icon for Altocumulus rankAltocumulus

Thanks for the response Mohamed_Ahmed_Kansoh.   Just for additional insights, as far as I understand the vulnerability which I could be wrong. 

The orignal http url (e.g http://example.com) can be changed into arbitrary url  (e.g https://asdfad.com) I was just wondering if thier is an easy way to prevent this from an F5 level being the servers are  load balanced. 

We have an irule that redirect http traffic to https but this  is still being flag as vulnerable. 

Thanks, 



Mohamed_Ahmed_Kansoh's avatar
Mohamed_Ahmed_Kansoh
Icon for MVP rankMVP
Aug 22, 2023

Hi lorenze , 

Yes it will be still vulnerable as I said , you can solve it from server side Code. 

Or try to use Stream profile another workaround and this should mark you are vulnerable in vulnerability scanner. 

use the irule and Stream profile Features in the following Article : 

https://my.f5.com/manage/s/article/K31100432