Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner

illegal method attack deos not result in a the blocking response page

Wasfi_Bounni
Cirrocumulus
Cirrocumulus

Hi;

 

In the ASM, illegal http method attack is blocked but it does not result in the blocking response page shown to the user.

 

 

Kindly

Wasfi

7 REPLIES 7

boneyard
MVP
MVP

would need some more information.

 

when you say "In the ASM, illegal http method attack is blocked", do you mean it is configured to block or do you see it blocked in the event request log?

 

are other attacks blocked with a block page shown?

 

how do you test this? which METHOD?

Wasfi_Bounni
Cirrocumulus
Cirrocumulus

It is configured to block and the event request log shows it as being blocked.

 

I use postman and the request is blocked but no block response page.

interesting, and if you do a regular request or a different attack you do get the block page?

Wasfi_Bounni
Cirrocumulus
Cirrocumulus

I sure do. I get a 200Ok response with no body. My aim is to have a 200Ok response with the block page or a 405 response.

you didn't make changes to the Response Pages?

 

what exactly are you sending via Postman?

Wasfi_Bounni
Cirrocumulus
Cirrocumulus

It is actually a request to an API "API call"

an API call is normally nothing else then a specific HTTP request.

 

provide what you use in Postman i can check if it gives a block page with my settings.