For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Emad's avatar
Emad
Icon for Cirrostratus rankCirrostratus
Nov 28, 2013

Stop POST requests.

Hi. I was working to stop certain type of requests to web servers via LTM Irule. Right now i can stop different patterns in HTTP GET request i.e via URI. but i also want to stop certain patterns in P...
application delivery
design
devops
iRules
security
Emad's avatar
Emad
Icon for Cirrostratus rankCirrostratus
Nov 29, 2013

I have some of PHP based application and normally payload is passed in GET request to exploit any vulnerability. I am also working on ASM. Issue is there are some exploits which work in GET aswell as in POST data. www.abc.com/index.php is a valid URL, illegal request is www.abc.com/index.php?admin:$val, Commonly these type of request work in GET or by typing URL. But if use any Utilty for sending post data .i.e; ?admin:$val for URL : www.abc.com/index.php it works. so i want to stop that one. so at the moment my requirement is to stop this part of HTTP Request:

 

POST /foo/bar/test.exe HTTP/1.1