HTTP header injection

Saad1 · ‎04-28-2024

Hello,

how we can block http header injection in fortiOS.

if the IPS what is the name of signature.

thanks

AEK · ‎04-28-2024

Hi Saad

Do you mean this one?

https://www.fortiguard.com/encyclopedia/ips/41512

AEK

Saad1 · ‎04-28-2024

Thanks for your answer.

no I mean http header injection attacks

not http sql injection

AEK · ‎04-28-2024

This one is HTTP header injection, protected by FortiGate but it concerns Oracle WebCenter Sites.

https://www.fortiguard.com/encyclopedia/ips/35215

The above is included in IPS signatures.

Unfortunately I couldn't check if "HTTP header injection" is included in FG's WAF signatures since it seems not documented by Fortinet.

AEK

Saad1 · ‎04-28-2024

for oracle websever it does not concern us, this attack concerns our website it is qualys which detects this attack.
for my part I am looking for a solution that will protect us from this attack “HTTP header injection" whether it is IPS or WAF signature FG.

amuda · ‎04-28-2024

Hi @Saad1

You can create a custom IPS signature. Please refer here: https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-custom-IPS-signature-for-...

Amerul
APAC TAC

Saad1 · ‎04-28-2024

Hello,

what is the f-sbid for http header injection please.

HTTP header injection

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website