How to Mitigate against Proxy Header Vulnerability

Common Gateway Interface (CGI) server-side web applications can send an automated response for every request they receive. Attackers can use these automated responses to insert a value within the Proxy header of HTTP requests for malicious purposes.

To remove this vulnerability, create a content rule deleting the Proxy header from incoming requests to a port 80 redirect Virtual Service.

1. Create a rule in Rules & Checking > Content Rules > Create New.

2. Change the rule type to Delete Header.

3. For the Header Field to be Deleted, enter Proxy.

Note that the header values are case sensitive. 


4. To add this rule, navigate to your port 80 Redirect Virtual Service and select Advanced Properties > HTTP Header Modifications > Show Header Rules.

5. Add the created rule to Request Rules.


The Proxy header field is now removed from all port 80 requests, which removes this potential vulnerability.
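Why deleting the header in front of the application helps, as an added example that is not part of the original article: under CGI (RFC 3875) each request header reaches the script as an `HTTP_<NAME>` variable, so a `Proxy` header becomes `HTTP_PROXY`, the variable many HTTP client libraries read for their outbound proxy. The function names and the sample request are constructed for illustration and are not LoadMaster APIs.

```python
# Added example: models the RFC 3875 header-to-variable mapping and a
# delete-header rule. All names here are hypothetical, not LoadMaster APIs.

# Constructed sample request headers (not captured traffic).
SAMPLE_REQUEST = [
    ("Host", "app.example.test"),
    ("User-Agent", "curl/8.0"),
    ("Proxy", "http://proxy.example.test:3128"),
]


def cgi_environ(headers):
    """Build the meta-variables a CGI gateway hands to the script.

    RFC 3875 section 4.1.18: each header name is upper-cased, '-' becomes
    '_', and 'HTTP_' is prepended (Content-Type/Length have no prefix).
    """
    env = {}
    for name, value in headers:
        key = name.upper().replace("-", "_")
        if key in ("CONTENT_TYPE", "CONTENT_LENGTH"):
            env[key] = value
        else:
            env["HTTP_" + key] = value
    return env


def delete_header(headers, field):
    """Drop every occurrence of `field` before the request is forwarded.

    Assumption of this example: names are compared case-insensitively,
    because HTTP field names are case-insensitive.
    """
    return [(n, v) for n, v in headers if n.lower() != field.lower()]


def outbound_proxy(env):
    """Stand-in for a client library that takes its proxy from HTTP_PROXY."""
    return env.get("HTTP_PROXY")


def demo():
    """Return the proxy the script would use without and with the rule."""
    unfiltered = cgi_environ(SAMPLE_REQUEST)
    filtered = cgi_environ(delete_header(SAMPLE_REQUEST, "Proxy"))
    return outbound_proxy(unfiltered), outbound_proxy(filtered)


if __name__ == "__main__":
    print(demo())
```

Because the CGI mapping upper-cases header names, a lower-case `proxy` header lands in the same variable, so after applying the rule it is worth confirming that other spellings of the header are stripped as well.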

 
