HTTP Protocol Validation
Only accept requests for the correct FQDN; otherwise deny or redirect them to protect your real server.
Useful for filtering out robot scans on HTTP (port 80).
Deny unacceptable HTTP methods
Deny incorrect HTTP versions
Requirement
Code
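when HTTP_REQUEST {
    # Request gate for a plain-HTTP virtual server. A request must pass three
    # checks, in order: allowed method, allowed HTTP version, expected host name.
    # The first failed check logs the request, redirects the client and ends
    # this event handler.
    #
    # Each rejection path ends with return. Without it a request failing two
    # checks would reach a second HTTP::redirect in the same event, which
    # raises a Tcl runtime error and aborts the connection instead of
    # redirecting it.
    #
    # NOTE(review): the logged method, version and Host values are
    # client-controlled. Treat these log lines as untrusted when parsing them
    # downstream, and consider rate limiting, since scanners can generate a
    # log entry per request.

    # Check method first: only GET and POST are accepted.
    set method [HTTP::method]
    if { $method ne "GET" && $method ne "POST" } {
        log local0. "[IP::remote_addr] -> [IP::local_addr]:[TCP::local_port] method [HTTP::method] not accept."
        HTTP::redirect "http://www.au.edu.tw"
        return
    }

    # Check HTTP version: only 1.0 and 1.1 are accepted.
    set version [HTTP::version]
    if { $version ne "1.0" && $version ne "1.1" } {
        log local0. "[IP::remote_addr] -> [IP::local_addr]:[TCP::local_port] version [HTTP::version] not accept."
        HTTP::redirect "http://www.au.edu.tw"
        return
    }

    # Check FQDN. Normalise the Host header before comparing: drop an optional
    # :port suffix and a trailing dot, then lower-case it.
    set host [string tolower [string trimright [getfield [HTTP::host] ":" 1] "."]]

    # Compare whole names, not substrings. A substring test on "www.jal.tw"
    # also accepts names such as www.jal.tw.other-domain.example, and a bare
    # suffix test on "jal.tw" also accepts notjal.tw, so both would let
    # foreign host names through the gate.
    # NOTE(review): sub-hosts of www.jal.tw now use the default service group
    # rather than www_service_group - confirm none rely on the old
    # substring match.
    if { $host eq "www.jal.tw" } {
        # use the dedicated service group
        pool www_service_group
    } elseif { $host eq "jal.tw" || $host ends_with ".jal.tw" } {
        # nothing to do: the default service group handles it
    } else {
        log local0. "[IP::remote_addr] -> [IP::local_addr]:[TCP::local_port] FQDN [HTTP::host] failed."
        HTTP::redirect "https://www.google.com"
        return
    }
}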