Forum Discussion

Icon for Cirrus rank

Cirrus

Oct 01, 2024

Why does WAF block HTTP OPTION method

Does the HTTP Option method pose significant security risk to the web application?

Icon for MVP rank

MVP

Oct 01, 2024

Hi ee

i have read in so many articles relating the threats by option method, main thing is attackers mostly using it. if an application doesn't need the method, no need of using it. so as per awaf by default below mentioned only allow if it's a blocking profile.

BR

Aswin

ee
Cirrus
Oct 03, 2024
Hi, May I know what is meant by the "Methods: act as GET" from the screenshot provided?

AppWorld 2026: Save the Date and Join Our Community In Person!

DevCentral News

Introducing the F5 AI Assistant for BIG-IP

Technical Articles

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5