Detect Malicious Requests
The Detect Malicious Requests check box is available in the Advanced Properties section of the Virtual Service modify screen. To access this screen, in the LoadMaster Web User Interface (WUI), go to Virtual Services > View/Modify Services and click Modify on the relevant Virtual Service.
The Intrusion Prevention System (IPS) service will provide in-line protection of the Real Server(s) by providing real-time mitigation of attacks and isolation of the Real Server(s). Intrusion prevention is based on the industry standard SNORT database and provides real-time intrusion alerting.
Selecting the Detect Malicious Requests check box enables the IPS per HTTP and offloaded HTTPS Virtual Services. There are two options for handling of requests that match a SNORT rule; Drop Connection, where a rule match will generate no HTTP response, or Send Reject, where a rule match will generate a response to the client with a HTTP 400 “Invalid Request”. Both options prevent the request from reaching the Real Server(s).