We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Web Application Firewall

Allow/Deny Rules for Headers

  • Last updated on

You can enforce strict limitations on incoming headers intended for a service using the WEBSITES > Allow/Deny Rules > Header : Allow/Deny Rules section. You can sanitize HTTP headers that carry sensitive information identifying the client and some application-specific state information passed as one or more HTTP headers. A header ACL can be configured to prevent attack types and stop potentially malicious metacharacters and keywords from being allowed in a header.

To create a Header ACL rule:
  1. Go to the WEBSITES > Allow/Deny Rules page.
  2. In the Header : Allow/Deny Rules section, identify the Service which needs a header ACL rule.
  3. Click Add next to the Service. The Create Header ACL window appears.
  4. Specify appropriate values for the given fields and click Save.

For more information, click Help in the web interface.

Related Articles:

Allow/Deny Rules for URLs

Last updated on