HTTP Protocol Violation

Prophaze WAF can detect and block HTTP Protocol violation detection in the following ways

  • Blocking GET/HEAD Request with a body

  • POST Request without Content-Length Header

  • Identity should be used in Accept-Encoding not in Content-Encoding

  • Denies non HTTP/1.1 Requests HTTP/1.1 request with pragma:no-cache header with out corresponding Cache-Control header

  • Request with abnormal or excessive byte range in one request Request with Broken connection header

Last updated