Forum Discussion

Nimbostratus

Sep 16, 2020

irule to mitigate HTTP de-sync attack

Hi Experts, I'm here to seek some help in implementing irule that would search the http requests that contains both the headers 1. Transfer Encoding 2. Content-length and reset the connection for...

Employee

Sep 28, 2020

Hello,

Why you can not use standard "HTTP Desync Attack Attempt" attack signature for it?

Thanks, Ivan

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

irule to mitigate HTTP de-sync attack

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

CVE mitigation on F5 XC vs classic F5 WAF

Could not communicate with the system. Try to reload page.

F5 XC 503 upstream_reset_before_response_started{protocol_error}

UCS Encryption Question

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

Cyber Security Attack Mitigations with BIG-IP features

Mitigating JSON-based SQL injection with BIG-IP ASM / Advanced WAF Attack Signatures

Mitigating OWASP Web Application Risk: SSRF Attack using F5 XC Platform

Mitigating OWASP Web Application Risk: Broken Access attacks using F5 Distributed Cloud Platform

OWASP Mitigation Strategies Part 1: Injection Attacks

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS