How To Block Request Methods Using WAF

To block specific request methods, you will need to create a custom WAF rule and import it into the LoadMaster. Below is an example of a rule that will block all POST requests to a VS. The WAF rule will be coded as follows:


SecRule REQUEST_METHOD "^POST$" "id:123,drop,msg:'A post request was received'"


After pasting this into a text editor, save it as a .conf file extension. Import it into the LoadMaster under the Custom Rules section of the WAF Settings page. You can now assign this rule to a Virtual Sservice for production use.

Was this article helpful?

0 out of 0 found this helpful