HTTP Protocol Validation

  • Accept only requests for the correct FQDN; otherwise deny or redirect them to protect your real server.
  • Useful for filtering out robot scans over plain HTTP (port 80).
  • Deny unacceptable HTTP methods
  • Deny incorrect HTTP version
  • Service Type: HTTP / HTTPS
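# Validate each HTTP request before it reaches the back-end servers.
# Checks run in order: method, HTTP version, Host header (FQDN).
# The first failing check logs the request, redirects the client and ends
# the event. Redirect targets and the pool name are site-specific.
#
# NOTE(review): the log lines embed [HTTP::method], [HTTP::version] and
# [HTTP::host], which are client-controlled. Treat them as untrusted in
# whatever parses these logs.
when HTTP_REQUEST {
  # Check method first. Only GET and POST are accepted.
  # "eq" forces a string comparison; "==" tries a numeric one first.
  if { !([HTTP::method] eq "GET" || [HTTP::method] eq "POST") } {
    log local0. "[IP::remote_addr] -> [IP::local_addr]:[TCP::local_port] method [HTTP::method] not accept."
    HTTP::redirect "http://www.au.edu.tw"
    # Stop here. A second HTTP::redirect in the same event raises a Tcl
    # error and aborts the connection, and later checks must not run.
    return
  }

  # Check HTTP version. Only 1.0 and 1.1 are accepted.
  if { !([HTTP::version] eq "1.0" || [HTTP::version] eq "1.1") } {
    log local0. "[IP::remote_addr] -> [IP::local_addr]:[TCP::local_port] version [HTTP::version] not accept."
    HTTP::redirect "http://www.au.edu.tw"
    return
  }

  # Check FQDN.
  # Normalise the Host header: lower-case it, drop an optional ":port"
  # suffix and a trailing dot, so the comparisons below see the bare name.
  set host [string trimright [getfield [string tolower [HTTP::host]] ":" 1] "."]

  # Match on label boundaries. A substring test ("contains") would accept
  # "www.jal.tw.attacker.example", and a bare suffix test on "jal.tw" would
  # accept "notjal.tw".
  if { $host eq "www.jal.tw" || $host ends_with ".www.jal.tw" } {
    # Use the dedicated service group.
    pool www_service_group
  } elseif { $host eq "jal.tw" || $host ends_with ".jal.tw" } {
    # Do nothing: the virtual server's default service group is used.
  } else {
    log local0. "[IP::remote_addr] -> [IP::local_addr]:[TCP::local_port] FQDN [HTTP::host] failed."
    HTTP::redirect "https://www.google.com"
    return
  }
}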