Forum Discussion
René_Geile
Mar 23, 2018Cirrus
Hi,
you allways need two parts for ASM features:
-
Configure the feature (i.e. define valid Host Headers, define valid methods)
-
Configure Blocking/Learning/Alerting for the violations of the features.
See Security- Application Security : Policy Building : Learning and Blocking Settings
Section "HTTP Compliance": Enable blocking. Enable all host header related subitems in this section. (Bad Host Header value, Host header contains an IP address...)
Section "headers" : Enable "blocking" for violation "illegal methods"