Prophaze
  • What is Prophaze AppSec Platform? How it works?
    • Performance
    • SSL Termination
    • Modes of Operation
  • Prophaze AppSec Best Practices
  • Application Onboarding
    • Account Creation
    • Deployment Models
      • Cloud
      • On-Premise
      • Kubernetes Deployment
    • Multi-Cloud Setup
  • DASHBOARD UI OVERVIEW
    • Dashboard
    • Traffic Analysis
    • API Security
    • Attack Analytics
    • DDOS Attacks
    • Rules Page
    • Bot Mitigation
    • Anomaly Detection
    • Reporting
    • Attack Types
    • Incidents
    • AppSec Toggle Mode
    • SSL Certificate
  • HTTP Support
    • Encoding Types
    • Protocol Validation
  • Protection Use Cases
    • HTTP Protocol Violation
    • Protocol Anomalies
    • Bot Detection
    • Injection Prevention
    • HTTP Request Smuggling
    • HTTP Response Splitting
    • XSS Prevention
    • LFI and RFI
    • Session Fixation
    • SQL Injection Prevention
    • Layer 7 Dos Attack Prevention
    • PHP Application Protection
  • Detection Techniques
    • Normalization
    • Negative Security Model
    • Signature and Rule Database
  • FAQ
    • Onboarding Process
    • Dashboard Terminology
    • Attack Section
    • Rule Set
    • Traffic 360: General Traffic Logs
    • ML Based Bot Mitigation
    • Generating Reports
    • Anomaly Detection
    • General
  • Software Updates
    • Release Notes v2.3.0
  • Release Notes v2.4.0
  • Release Notes v2.5.0
  • API Security Dashboard
    • API Security Features of Prophaze
    • API security scoring
    • Host-Based API Quality Score
    • How to Enable API Security and Dashboard
    • API Security Section
  • CVE
    • CVE-2024
    • CVE-2023
    • CVE-2022
    • CVE-2021
    • CVE-2020
    • CVE-2019
    • CVE-2018
    • CVE-2017
    • CVE-2012
    • CVE-2011
    • CVE-2009
    • CVE-2008
    • CVE-2001
Powered by GitBook
On this page

Was this helpful?

  1. HTTP Support

Protocol Validation

Prophaze WAF has the following protocol validations in effect

  • Method Restriction

  • Protocol and Protocol version Restriction

  • RFC Validation

  • URL Encoding Validation

  • Validation of Non-Standard Encoding

  • Cookie Enforcement

Additional Restrictions

  • Element content and length

  • Element byte range

  • Character set validations

Restrictions can be applied at

  • Application Level

  • Object Level

  • Parameter Level

Additional Protocol Limits Supported by Prophaze WAF

  • Request method length

  • Request line length

  • Request URI length

  • Header name and value

  • Request body length

  • Cookie value , name and number

  • Parameter name , value and length

PreviousEncoding TypesNextHTTP Protocol Violation

Last updated 6 months ago

Was this helpful?