Forum Discussion

Nimbostratus

Apr 23, 2019

iRule to drop connection of invalid host header

I have an issue creating an iRule. I need the iRule to drop the connection at the F5 if the host header is manipulated. I have tried some iRules in Test but the syntax is apparently not correct.

MVP

Apr 23, 2019

Hi ITNINJAWARROIOR,

try the iRule to allow just a few selected HOST-header values to pass through...

when HTTP_REQUEST {
    switch -exact -- [string tolower [HTTP::host]] {
        "www.domain.de" -
        "www.domain.fr" -
        "www.domain.com" {
             Do nothing for white listed HOST-header values...
        }
        default {
             Send 502 response for reuqests with unknown HOST-headers...
            HTTP::respond 502 content "Bad Gateway" "Content-Type" "text/html" "Connection" "close"         
        }
    }
}

Cheers, Kai

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

iRule to drop connection of invalid host header

Recent Discussions

SSL bridging without SSL proxy forward

Client SSL Profile set to Require Client Certificate breaks RDP in APM

TS Declarations for DNS

APM file and registry key date check 8 days old

Should config via cli rather than gui?

Related Content

err tmm1[24399]: 011f0007:3: http_process_state_prepend - Invalid action:0x107041 clientside

DevCentral Connects hosts Capture the Flag!

Troubeshooting website connection

F5 Connection Mirroring question

Rebalancing connections

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS