Signature Detail
Short Name |
HTTP:AUDIT:HTTP-1.0-HOST-HEADER |
|---|---|
Severity |
Low |
Recommended |
No |
Category |
HTTP |
Release Date |
2011/07/18 |
Update Number |
1956 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: HTTP Version 1.0 with Host Header
This signature detects HTTP version 1.0 requests which include a "Host" header. RFC-1945 defines the HTTP 1.0 protocol, which does not support host headers. Most HTTP servers will accept host headers from a version 1.0 request regardless. Some poorly-written HTTP clients, including malware and DDOS programs, will attempt to send a host header with a version 1.0 request. This request is technically incorrect, however, it is not inherently malicious.
References