We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Web Application Firewall

How do I block requests without User-Agent headers on the Barracuda Web Application Firewall?

  • Type: Knowledgebase
  • Date changed: 7 months ago
Solution #00005876


Scope:

This solution applies to the Barracuda Web Application Firewall, all firmware versions.

Answer:
The Web Application Firewall can block the requests coming in without a ?User-Agent? header in it. In order to do this, please proceed with the following steps:
  1. Log in to the Web Application Firewall and navigate to ?Websites > Allow/Deny?.
  2. Click on ?Add? under ?URL : Allow/Deny Rules? for the specific service where you want to configure this.
  3. Now you will get a pop-up screen. Enter the following values into it.
    • URL ACL Name: deny_rule
    • Enable URL ACL: Yes
    • Host Match: *
    • URL Match: /*
    • Extended Match: (Header User-Agent nex )
    • Extended Match Sequence: 1
    • Action: Deny
    • Deny Response: Response Page
    • Response Page: default
  4. Click on ?Add?.
Now on Web Application Firewall should block any requests coming in without a User-Agent header defined.

Link to this page:

https://campus.barracuda.com/solution/50160000000IgmzAAC