It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Web Application Firewall

Allow/Deny Rules for Headers

  • Last updated on

You can enforce strict limitations on incoming headers intended for a service using the WEBSITES > Allow/Deny Rules > Header : Allow/Deny Rules section. You can sanitize HTTP headers that carry sensitive information identifying the client and some application-specific state information passed as one or more HTTP headers. A header ACL can be configured to prevent attack types and stop potentially malicious metacharacters and keywords from being allowed in a header.

To create a Header ACL rule:
  1. Go to the WEBSITES > Allow/Deny Rules page.
  2. In the Header : Allow/Deny Rules section, identify the service which needs a header ACL rule.
  3. Click Add next to the service. The Create Header ACL window appears.
  4. Specify appropriate values for the given fields and click Save.

For more information, click Help in the web interface. Also, see Allow/Deny/Redirect Rules for URLs.


Last updated on