Header Rejection

Some exploits are carried in standard HTTP headers with custom values (for example, in the Host header), or in custom HTTP headers. You can protect against such exploits by rejecting HTTP requests that contain specific headers and header values.

Header Rejection Fields

In this field…	Do this…
Action	Specify what action to take when an HTTP header-based exploit is detected, by selecting one of the following: Block. Block the attack. None. No action. This is the default.
Track	Specify whether to log HTTP header-based exploits, by selecting one of the following: Log. Log the attack. None. Do not log the attack. This is the default.
HTTP header values list	Select the HTTP header values to detect.

In this field…

Do this…

Action

Specify what action to take when an HTTP header-based exploit is detected, by selecting one of the following:

Block. Block the attack.
None. No action. This is the default.

Track

Specify whether to log HTTP header-based exploits, by selecting one of the following:

Log. Log the attack.
None. Do not log the attack. This is the default.

HTTP header values list

Select the HTTP header values to detect.