Here I am showing some of the Headers from the request.
The Host header contains MALICIOUS/UNWANTED characters before the domain name/host name.
How is it possible to block such requests on ASM?
GET /abc/test/framework/web*********** HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.186 Safari/537.36
You can use ASM policy to block invalid host headers: (response from: René Geile)
You always need two parts for ASM features:
Configure the feature (i.e. define valid Host Headers, define valid methods)
Configure Blocking/Learning/Alerting for the violations of the features.
See Security : Application Security : Policy Building : Learning and Blocking Settings
Section "HTTP Compliance": Enable blocking. Enable all host header related subitems in this section. (Bad Host Header value, Host header contains an IP address...)
Section "headers" : Enable "blocking" for violation "illegal methods"
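The kind of Host header checks named in the answer above, sketched as an added example that is not part of the thread and is not F5's implementation. The allowed host name `www.example.com`, the function names and the `NOT_ALLOWED` label are assumptions made for illustration; the other two labels are the sub-item names quoted in the answer.

```python
import ipaddress
import re

# One DNS label: letters, digits, hyphens; no leading or trailing hyphen.
LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")
PORT = re.compile(r":([0-9]{1,5})")
NOT_ALLOWED = "Host name not in allowed list"   # hypothetical label

def split_host(value):
    """Return the host part of a Host header value, or None if malformed."""
    if value.startswith("["):                   # bracketed IPv6 literal
        end = value.find("]")
        if end == -1:
            return None
        host, rest = value[1:end], value[end + 1:]
        try:
            ipaddress.IPv6Address(host)
        except ValueError:
            return None
    else:
        host, sep, port = value.partition(":")
        rest = sep + port
    if rest:                                    # optional ":port" suffix
        m = PORT.fullmatch(rest)
        if not m or not 0 < int(m.group(1)) < 65536:
            return None
    return host

def check_host_header(value, allowed_hosts):
    """Return the checks that `value` fails; an empty list means accept."""
    host = split_host(value.strip())
    if not host:
        return ["Bad Host Header value"]
    try:
        ipaddress.ip_address(host)
        return ["Host header contains an IP address"]
    except ValueError:
        pass
    name = host.rstrip(".").lower()
    if len(name) > 253 or not all(LABEL.fullmatch(p) for p in name.split(".")):
        return ["Bad Host Header value"]
    if name not in allowed_hosts:
        return [NOT_ALLOWED]
    return []

ALLOWED = {"www.example.com"}                   # constructed allow-list
if __name__ == "__main__":
    for sample in ("www.example.com", "xyzwww.example.com", "192.0.2.10"):
        print(sample, "->", check_host_header(sample, ALLOWED) or "accepted")
```

A syntactically valid name with extra characters in front of the real host name only fails the allow-list comparison, which is why the valid host names have to be defined in addition to enabling blocking.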
Thanks for the response.
Kindly share all the configurable features in ASM.
Which Host Headers should be defined?