Forum Discussion

Wasfi_Bounni's avatar
Wasfi_Bounni
Icon for Cirrocumulus rankCirrocumulus
Mar 01, 2021

illegal method attack deos not result in a the blocking response page

Hi;

 

In the ASM, illegal http method attack is blocked but it does not result in the blocking response page shown to the user.

 

 

Kindly

Wasfi

7 Replies

  • would need some more information.

     

    when you say "In the ASM, illegal http method attack is blocked", do you mean it is configured to block or do you see it blocked in the event request log?

     

    are other attacks blocked with a block page shown?

     

    how do you test this? which METHOD?

  • It is configured to block and the event request log shows it as being blocked.

     

    I use postman and the request is blocked but no block response page.

    • boneyard's avatar
      boneyard
      Icon for MVP rankMVP

      interesting, and if you do a regular request or a different attack you do get the block page?

  • I sure do. I get a 200Ok response with no body. My aim is to have a 200Ok response with the block page or a 405 response.

    • boneyard's avatar
      boneyard
      Icon for MVP rankMVP

      you didn't make changes to the Response Pages?

       

      what exactly are you sending via Postman?

    • boneyard's avatar
      boneyard
      Icon for MVP rankMVP

      an API call is normally nothing else then a specific HTTP request.

       

      provide what you use in Postman i can check if it gives a block page with my settings.