Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

irule to replace Realm value for http response header WWW-Authenticate: Basic realm="IP address"

alchancco
Nimbostratus
Nimbostratus

‎08-Jul-2022 09:53

To mitigate against internal IP address disclosure in Basic Authentication Header, i'd like to change the IP address to some other value.

I tried changing "Basic Auth Realm" in http profile but it only works for some testing tools like wfetch but not for curl.

I also tried the following irule but it also works sometimes:

when HTTP_RESPONSE {

if { [HTTP::header "WWW-Authenticate"] starts_with "Basic" }{
HTTP::header replace WWW-Authenticate "Basic realm='mydomain.com'"
}
}

0 Kudos
2 REPLIES 2

Enes_Afsin_Al
MVP
MVP

‎10-Jul-2022 08:10

Hi alchancco,

Can you change the http event and try?

when HTTP_RESPONSE_RELEASE {
	if { [HTTP::header WWW-Authenticate] starts_with "Basic" }{
		HTTP::header replace WWW-Authenticate "Basic realm='mydomain.com'"
	}
}

 

0 Kudos

alchancco
Nimbostratus
Nimbostratus
In response to Enes_Afsin_Al

‎21-Jul-2022 11:24

HI Enes_Afsin_AI,

I made the change  but as before it only changes the header value  sporadically.

- alfredo

0 Kudos
Copyright © 2023 Khoros, LLC