Nick_Palmer_f5
Oct 24, 2013

Blocking an HTTP Verb/Method

Hello!

 

Could you please help me come up with a solution for suppressing/blocking an HTTP verb? Will an iRule be a good option for this? A site we host was scanned by a client, which showed the TRACE method was allowed.

 

Thank you for your help/advice.

 

3 Replies

  • It might be better to use a data group so you can manage multiple verbs without complicating the iRule:

    when HTTP_REQUEST {
        # Reject any request whose method is listed in the disallowed_verbs data group
        if { [class match [HTTP::method] equals disallowed_verbs] } {
            log local0. "Attempt by [IP::client_addr] with a forbidden HTTP verb: [HTTP::method]"
            reject
        }
    }

    disallowed_verbs string data group:

    PUT := 1
    TRACE := 1
    DELETE := 1
    
  • That should work, and you can actually shorten it:

    when HTTP_REQUEST {
        # Compare case-insensitively so "trace" and "TRACE" are both rejected
        if { [string tolower [HTTP::method]] equals "trace" } {
            log local0. "Attempt by [IP::client_addr] with a forbidden HTTP verb: [HTTP::method]"
            reject
        }
    }
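
One way to confirm, after attaching either iRule above, that the blocked verbs no longer get a response. This is an added example, not code from any poster in the thread; `probe`, `audit` and `start_stub` are hypothetical names, and the stub is a constructed local stand-in that imitates `reject` by closing the connection without answering.

```python
import socket
import threading

# Mirrors the data group posted above; adjust to match your own.
DISALLOWED = {"PUT", "TRACE", "DELETE"}

def probe(host, port, method, timeout=3.0):
    """Send one request; return the status code, or 'rejected' if the
    connection is reset or closed before any response arrives."""
    req = f"{method} / HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n"
    with socket.create_connection((host, port), timeout=timeout) as s:
        try:
            s.sendall(req.encode("ascii"))
            data = s.recv(1024)
        except socket.timeout:
            return "timeout"
        except ConnectionError:
            return "rejected"
    if not data:
        return "rejected"
    fields = data.split(b"\r\n", 1)[0].split()
    return int(fields[1]) if len(fields) > 1 and fields[1].isdigit() else "malformed"

def audit(host, port, methods=("GET", "TRACE", "PUT", "DELETE")):
    """Map each method to what the server did with it."""
    return {m: probe(host, port, m) for m in methods}

def start_stub():
    """Constructed local stand-in: answers 200, except that verbs in
    DISALLOWED get the connection closed with no response."""
    srv = socket.create_server(("127.0.0.1", 0))
    def serve():
        while True:
            conn, _ = srv.accept()
            with conn:
                method = conn.recv(1024).split(b" ", 1)[0].decode("ascii", "replace")
                if method not in DISALLOWED:
                    conn.sendall(b"HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n")
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    port = start_stub()  # replace with your own virtual server's host and port
    for method, result in audit("127.0.0.1", port).items():
        print(f"{method:7} {result}")
```

A numeric status for TRACE, PUT or DELETE means the rule is not taking effect on that virtual server.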