這是本文件的舊版!
HTTP Protocol Validation
- Only accept right FDQN request, otherwise deny or redirect it to portect your real server.
- Useful to clean HTTP (port 80) robot scan.
- Deny not acceptable HTTP method
- Deny incorrect HTTP version
Requirement
- Service Type: HTTP / HTTPS
Code
when HTTP_REQUEST { # Check method first. if { [HTTP::method] eq "GET" || [HTTP::method] == "POST" } { # do nothing } else { HTTP::redirect "https://www.google.com" } # Check HTTP version. if { [HTTP::version] eq "1.0" or [HTTP::version] == "1.1" } { # do nothing } else { HTTP::redirect "https://www.google.com" } # Check FQDN. if { [string tolower [HTTP::host]] contains "www.jal.tw"} { # use specify service group pool www_service_group } elseif { [string tolower [HTTP::host]] ends_with "jal.tw"} { # do nothing use default service group. } else { HTTP::redirect "https://www.google.com" } }