WAF block request - Attack Type "HTTP parser attack" Violations - "HTTP protocol compliance failedhe - check maximum header of numbers" header over 21 (Default value is 20, max value is 30)
Recommended Actions
Log on to the BIG-IP ASM/AWAF Configuration utility (gui).
Go to Security > Policy Building > Learning and Blocking Settings.
Expand HTTP protocol compliance failed.
Modify the Check maximum number of headers value to the required value for your application.
Click Save.
Click Apply Policy.
Reference:
Increase "Check maximum number of headers" to 30 under Learning and Blocking settings screen for a policy.
No comments:
Post a Comment