Forum Discussion
Bob_10976
Nimbostratus
NimbostratusiRule to Block request with Host Header
I'm needing some help with creating an iRule that will block any request that doesn't have a host header value.
For example if someone was to preform a GET / HTTP/1.1 on one our websites or even assoicated public IP address I want to block that.
Also for the record, I’m not a programmer of any type so I apologize in advance for any newbie/stupid follow up questions..
Thanks,
Bob
3 Replies
- The_BhattmanThere are several ways to approach this
Here are some exampleswhen HTTP_REQUEST { if { [HTTP::header "Host"] equals " " } { reject } }
orclass publicaddr { "215.25.25.35" "215.25.25.33" "215.25.25.34" } when CLIENT_ACCEPTED { if { [matchclass [IP::remote_addr] equals $::publicaddr] } { reject } }
These are just examples.
Hope this helps
CB 
Bob_10976Thanks for the help...
Just before your reply we actually came up with the below rule, but I like your reject option better...
when HTTP_REQUEST {
if { ([string tolower [HTTP::host]] equals "") } {
HTTP::respond 401
}
}
Thanks,
Bob- The_BhattmanYou can also use either drop or discard. This will cause the current packet or connection to be discarded, but i don't think it will send a reset. Where as reject causes the connection to be rejected, returning a reset as appropriate for the protocol.
You can find more detail on in the wiki irule section under GLOBAL commands.
CB
