You can try enabling the HTTP Profile and then using an iRule to disable HTTP for any request that isn't RFC compliant.
I have attached a snippet that will verify that the first portion of the request contains a string followed by a forward slash.
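For an HTTP request:

    when CLIENT_ACCEPTED {
        # Keep the HTTP filter off until the first bytes have been inspected
        HTTP::disable
        TCP::collect 20
    }
    when CLIENT_DATA {
        # %s reads the method token, %1s the first character of the request target.
        # (%c would store the character's numeric code, which never equals "/".)
        if {[scan [TCP::payload] {%s %1s} METHOD REQUEST] == 2 && $REQUEST eq "/"} {
            HTTP::enable
        }
        TCP::release
    }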
For an HTTPS request:

    when CLIENT_ACCEPTED {
        HTTP::disable
    }
    when CLIENTSSL_HANDSHAKE {
        # Collect decrypted payload once the handshake has completed
        SSL::collect 20
    }
    when CLIENTSSL_DATA {
        # Same check as the HTTP case, applied to the decrypted bytes
        if {[scan [SSL::payload] {%s %1s} METHOD REQUEST] == 2 && $REQUEST eq "/"} {
            HTTP::enable
        }
        SSL::release
    }
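
The first-bytes check from the iRules above, written as a plain Tcl proc so it can be exercised in tclsh before loading the rule. This is an added example, not part of the original post; the proc name, labels and sample payloads are constructed. It goes slightly beyond the post by including request-target forms that do not start with "/".

```tcl
# Added example: offline harness for the "token followed by a slash" check.
# first_bytes_verdict is a hypothetical helper; it mirrors the iRule logic only.
proc first_bytes_verdict {payload} {
    # The iRule collects 20 bytes, so only the first 20 are considered here.
    set head [string range $payload 0 19]
    # scan returns the number of conversions performed; both must succeed.
    if {[scan $head {%s %1s} method target] == 2 && $target eq "/"} {
        return "HTTP::enable"
    }
    return "HTTP stays disabled"
}

# Constructed sample payloads (label, first bytes of the connection).
set samples [list \
    "origin-form GET"     "GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n" \
    "origin-form POST"    "POST /api/v1/items HTTP/1.1\r\n" \
    "asterisk-form"       "OPTIONS * HTTP/1.1\r\n" \
    "absolute-form"       "GET http://example.test/ HTTP/1.1\r\n" \
    "authority-form"      "CONNECT example.test:443 HTTP/1.1\r\n" \
    "SSH banner"          "SSH-2.0-OpenSSH_9.6\r\n" \
    "TLS record bytes"    "\x16\x03\x01\x02\x00\x01\x00\x01\xfc\x03\x03" \
    "non-HTTP with slash" "blob /etc" \
]

foreach {label payload} $samples {
    puts [format "%-22s %s" $label [first_bytes_verdict $payload]]
}
```

Only the two origin-form requests and the last sample produce `HTTP::enable`: valid requests in asterisk-form, absolute-form or authority-form leave HTTP disabled, and any non-HTTP payload that happens to be a token followed by a slash enables it.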