Forum Discussion

Nimbostratus

7 years ago

Is blocking all HTTP-HEAD requesta a bad idea?

We think about blocking all HTTP Head requests for our Web-Applications (not REST or SOAP) via ASM, by returning a html response page with HTTP-code 200 OK, because most of them are requests from cra...

MVP

7 years ago

kinda wondering why? you don't exactly want to block, but you want to let them think the request is handled correctly.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Is blocking all HTTP-HEAD requesta a bad idea?

SSO Login Update Coming to DevCentral

Kevin - June 2026 Featured F5er

Tyler - May 2026 Featured Member

Recent Discussions

ASM attack signatures not syncing between active and standby F5

Hardware BIG-IP appliance reach EOSS, but the software version running on it not yet?

VPN Communication Error with F5 BIG-IP Edge Client

simultaneous disabling / enabling of all LTM objects

Query on source IP preservation for syslog traffic through F5 virtual server

Related Content

Logging/Blocking possible prompt injection

Service Extensions with SSL Orchestrator: Advanced Blocking Pages

Block IP after a number of ASM Blocks

F5 Distributed Cloud – Why You Should Never Block Regional Edge IPs on Your Firewall

Massive DDoS, DanaBot Dismantled, Scraped Discord Messages and Signal Blocks Windows Recall

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS