irule to block a non valid url

Hello cg1603​ 
From your example seems that host header is malformed also

So my first approach would be to accept only valid host header as a starting point with an irule like this

when HTTP_REQUEST 
{
    switch -- [string tolower [HTTP::host]] 
	{
        "www.example.com"
		{
            # Valid Host — allow request
            return
        }
        default 
		{
            log local0. "Blocked invalid Host: $host from [IP::client_addr]"
            HTTP::respond 403 content "Forbidden - Invalid Host"
        }
    }
}

Hi,

I hope you are you are not getting this request on actual http traffic.You can write an iRule to inspect the first few bytes of the payload and drop anything that's clearly not a valid HTTP request.

Like, Checks if it starts with common HTTP methods (GET, POST, CONNECT, etc.). if its not block it. Sample like 

Try the syntax as well when you write it in any test environment first pls- 

when CLIENT_ACCEPTED {
    TCP::collect 16
}

when CLIENT_DATA {
    # Extract first few bytes
    set first_bytes [TCP::payload 16]

    # If it doesn't start with HTTP methods, it's probably invalid
    if { !([string match -nocase "GET*" $first_bytes] ||
           [string match -nocase "POST*" $first_bytes] ||
           [string match -nocase "HEAD*" $first_bytes] ||
           [string match -nocase "PUT*" $first_bytes] ||
           [string match -nocase "OPTIONS*" $first_bytes] ||
           [string match -nocase "DELETE*" $first_bytes] ||
           [string match -nocase "CONNECT*" $first_bytes]) } {

        log local0. "Blocked invalid HTTP request from [IP::client_addr]:[TCP::client_port] - first bytes: $first_bytes"
        reject
        return
    }

    # Allow valid request
    TCP::release
}