Short Name |
HTTP:AUDIT:HTTP-1.0-HOST-HEADER |
---|---|
Severity |
Warning |
Recommended |
No |
Category |
HTTP |
Keywords |
HTTP Version 1.0 with Host Header |
Release Date |
2011/07/18 |
Update Number |
1956 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects HTTP version 1.0 requests which include a "Host" header. RFC-1945 defines the HTTP 1.0 protocol, which does not support host headers. Most HTTP servers will accept host headers from a version 1.0 request regardless. Some poorly-written HTTP clients, including malware and DDOS programs, will attempt to send a host header with a version 1.0 request. This request is technically incorrect, however, it is not inherently malicious.