Forum Discussion

Nimbostratus

Dec 14, 2018

Is blocking all HTTP-HEAD requesta a bad idea?

We think about blocking all HTTP Head requests for our Web-Applications (not REST or SOAP) via ASM, by returning a html response page with HTTP-code 200 OK, because most of them are requests from cra...

Nimbostratus

Dec 17, 2018

Isn't this the normal behavior? If any client-request is blocked by ASM, the error-page is returned in turn of a HTTP-200 response. Or should the status code be any of 4xx (ie. 403) for blocked requests in general?

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Is blocking all HTTP-HEAD requesta a bad idea?

Recent Discussions

Which process is consuming higher CPU

F5 Health Monitor Receive String as JSON

Background Tasks

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Related Content

Block IP after a number of ASM Blocks

Block traffic

Response and blocking page

domain blocking

SSL Orchestrator Advanced Use Cases: Custom Blocking Pages

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS