
How can I add an "Illegal Header" in the Advanced WAF?

Wasfi_Bounni
Cirrocumulus

Hi;

How can I add a header to be illegal in the AWAF product, previously ASM?

The ASM, for instance, allows you to manually add "Allowed URLs" and "Disallowed URLs". However, I could only manually add "Allowed Headers" but could not find a way to manually add "Disallowed Headers". I know I can do that in an iRule, but my aim was to do it in the GUI and return the default block page.

 

 

Kindly

Wasfi

1 ACCEPTED SOLUTION

Hi Wasfi,

 

you can achieve this by adding the Header name as a custom attack signature.

Here is the link to the documentation for v14.1:

Writing Custom Attack Signatures

And here is a (not very sophisticated) example: (image: 0691T00000C1934QAB.png)

KR

Daniel


Hi Daniel;

 

In the above example, I have tried to use a regular expression instead of the contain string criteria, which is ^badheader. This means that the header value string must start with badheader. The issue, though, is that it did not work. I will put this on the forum too.

 

 

Kindly

Wasfi

Wasfi_Bounni
Cirrocumulus

Hi Daniel;

 

Thank you for your help.

 

 

Kindly

Wasfi