Forum Discussion

Nimbostratus

Oct 01, 2024

Why does WAF block HTTP OPTION method

Does the HTTP Option method pose significant security risk to the web application?

HttpMethod

options

Aswin_mk

Cumulonimbus

Oct 01, 2024

Hi ee

i have read in so many articles relating the threats by option method, main thing is attackers mostly using it. if an application doesn't need the method, no need of using it. so as per awaf by default below mentioned only allow if it's a blocking profile.

Aswin

Forum Discussion

Why does WAF block HTTP OPTION method

Recent Discussions

Help with Migrating Netscaler Rewrite Policy to F5 LTM

APM Portal Access Rewriting

APM - Close Browser

Converting Citrix NetScaler Transform Policy to F5 BIG-IP LTM

Why does WAF block HTTP OPTION method

Related Content

domain blocking

BIG-IP deployment options with Openshift

Service Discovery and authentication options for Kubernetes providers (EKS, AKS, GCP)

LTM Policy Options Clarification

Response and blocking page