Forum Discussion

Nimbostratus

May 02, 2014

F5 Blocking = Illegal Method: OPTIONS

F5 is set to learn and alarm. The Attack Type is Information Leakage. The Request Details indicates Illegal method for HTTP Method OPTIONS. The HTTP Request = OPTIONS / HTTP/1.1 I am trying to determ...

Cirrostratus

May 02, 2014

See here for some details: http://www.acunetix.com/vulnerabilities/options-method-is-enabled/.

I don't think it's a real risk, any reasonably secure site/server will have unused or 'dangerous' methods disabled etc. but always better to be safe I suppose. More security theatre than anything.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

F5 Blocking = Illegal Method: OPTIONS

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

SOLVED: sending IsCompliant, IsKnown and IsManaged via SAML (SSO)

BIG-IP methods to Fix the “421 Misdirected Request” Error

Dealing with iRule $variables for HTTP2 workload while HTTP MRF Router is enabled

Is it possible to create a Single Pool with multiple ports ?

F5 object groups in AFM

Related Content

Block IP after a number of ASM Blocks

HTTP method conversion

Massive DDoS, DanaBot Dismantled, Scraped Discord Messages and Signal Blocks Windows Recall

Block traffic

domain blocking

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS