Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Not applicable

Created on ‎11-14-2007 12:00 AM

Article Id 191960

Using IPS to block HTTP POST, PUT and DELETE requests

Article
Description Using IPS custom signatures to block HTTP POST, PUT and DELETE requests.
Components
  • All FortiGate units runing FortiOS v3.0.
Steps or Commands

You can use the following custom signatures to detect and stop HTTP POST, PUT and DELETE requests. These requests are common methods used on the Internet, especially POST. These requests do not indicate attacks by themselves.

F-SBID( --name "Block.HTTP.POST"; --protocol tcp; --service HTTP; --flow from_client; --pattern "POST "; --context uri; --within 5,context; )

F-SBID( --name "Block.HTTP.PUT"; --protocol tcp; --service HTTP; --flow from_client; --pattern "PUT "; --context uri; --within 4,context; )

F-SBID( --name "Block.HTTP.DELETE"; --protocol tcp; --service HTTP; --flow from_client; --pattern "DELETE "; --context uri; --within 7,context; )


Labels:
3860
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.