Forum Discussion
Emad
Cirrostratus
Nov 28, 2013Stop POST requests.
Hi. I was working to stop certain type of requests to web servers via LTM Irule. Right now i can stop different patterns in HTTP GET request i.e via URI. but i also want to stop certain patterns in P...
Kevin_Stewart
Employee
Nov 28, 2013A POST will generally have a payload that you need to worry about, but it will also have a URI. So your mitigation a are dependent on the injection point. An example POST request:
POST /foo/bar/test.exe HTTP/1.1
Host: www.example.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla...
username=foo&password=bar&execute=test.exe
So you could still look at the URI in a POST request, but then you can also look at the payload, which would require a collection. If I had to guess, I would assume your application predominantly uses GETs, so the overhead of collecting on POSTs, and potentially a subset of POSTs based on some trigger URIs, wouldn't be too overwhelming.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects