Forum Discussion

Nimbostratus

Sep 16, 2020

irule to mitigate HTTP de-sync attack

Hi Experts, I'm here to seek some help in implementing irule that would search the http requests that contains both the headers 1. Transfer Encoding 2. Content-length and reset the connection for...

Employee

Sep 28, 2020

Hello,

Why you can not use standard "HTTP Desync Attack Attempt" attack signature for it?

Thanks, Ivan

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

irule to mitigate HTTP de-sync attack

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Managing iRules configuration

CPU load when Prometheus is scraping metrics from F5 BIG-IP LTM

[ASM] - How to disable the SQL injection attack signatures

Illigal Parameter addition as custom signature set wanted to Unblock

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

Related Content

F5 Distributed Cloud L7 DoS Attack Mitigation Roundup

Cyber Security Attack Mitigations with BIG-IP features

Mitigating JSON-based SQL injection with BIG-IP ASM / Advanced WAF Attack Signatures

Mitigating OWASP Web Application Risk: SSRF Attack using F5 XC Platform

How F5 WAF Mitigates 0-Day CVEs - React2Shell Case Study

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS