I've been trying to limit access to a specific hostname. I've added the desired host name in Security/Application/Headers/Host Names. The policy is enforcing (e.g. GeoIP blocking is working), but it still allows other host names.
The log shows the entries with the unwanted host header.
Any tips? Is there something else I need to turn on?
I also removed "HEAD" from the Methods list, but can still use HEAD.
This is v22.214.171.124
You always need two parts for ASM features:
1. Configure the feature (i.e. define valid Host Headers, define valid methods)
2. Configure Blocking/Learning/Alerting for the violations of the features.
See Security : Application Security : Policy Building : Learning and Blocking Settings
Section "HTTP Compliance": Enable blocking. Enable all host header related subitems in this section. (Bad Host Header value, Host header contains an IP address...)
Section "headers" : Enable "blocking" for violation "illegal methods"
Thanks René. Just what I needed to know.