Forum Discussion

Altostratus

Mar 23, 2018

ASM policy not blocking invalid host headers

I've trying to limit access to a specific hostname. I've added the desired host name in Security/Application/Headers/Host Names. The policy is enforcing (e.g. GeoIP blocking is working), but it still...

application delivery

ASM Advanced WAF

René_Geile

Cirrus

Mar 23, 2018

Hi,

you allways need two parts for ASM features:

Configure the feature (i.e. define valid Host Headers, define valid methods)
Configure Blocking/Learning/Alerting for the violations of the features.

See Security- Application Security : Policy Building : Learning and Blocking Settings

Section "HTTP Compliance": Enable blocking. Enable all host header related subitems in this section. (Bad Host Header value, Host header contains an IP address...)

Section "headers" : Enable "blocking" for violation "illegal methods"

Forum Discussion

ASM policy not blocking invalid host headers

Recent Discussions

What is the meaning is 52% block in WAF

Rundeck ansible F5 errors

rewrite Azure AD response for portal access via web portal

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Related Content

Access Logs - Invalid Tenant

F5 XC Distributed Cloud HTTP Header manipulations and matching of the client ip/user HTTP headers

Block traffic

domain blocking

Security headers