smalex
Altostratus
AltostratusASM- Bad HTTP version
We have implemented ASM last day and many requests are blocked stating: Bad HTTP version. Version is 1.1 but still its blocked. What might be the reason. Please Guide.
Forum Discussion
5 Replies
- Kevin_Davies
MVP
ASM will allow HTTP version 1.1. If you're getting bad version then you need to delve into the headers. If you can paste an example here then we can possibly tell you where things are wrong. After you paste, make sure to hit TAB as this will format it as code.
smalexGET /sherya/wps/contenthandler/!ut/p/digest!oHOwO7o4KqyDRa6fZ4MVyg/searchfeed/search?queryLang=en_US&date=1&index=RemoteEJBSearchService::/opt/IBM/WebSphere/wp_profile/PortalServer/collections/HAD_FAQ_en&query=HAD License exams&pageSize=300 HTTP/1.1
- Kevin_Davies
This is not a valid URL. No wonder ASM is flagging it.
"...HAD_FAQ_en&query=HAD License exams&p..."
You can't have spaces in a URL. Its likely thinking "License" is the HTTP version.
- smalex
Thank you for the reply. But Without ASM in place these were working. Shouldn't it have been blocked?
- Kevin_Davies
What is there to block it? Firewalls never see the URL in a SSL session, only the application sees the final request and it will either accept it or it won't. The request is definitely outside the spec for HTTP. ASM will never pass this kind of request as it fails protocol compliance. One of the very reasons Application Security Manager was designed to address.
