ADC

Example 4: Mask the HTTP server type

Example Inc. wants to modify the HTTP Server: header so that unauthorized users and malicious code cannot use the header to identify the software that the HTTP server uses.

To modify the HTTP Server: header, you would create a rewrite action and a rewrite policy with the values in the following tables.

Action Name Type of Rewrite Action Expression to choose target reference String expression for replacement text
Action-Rewrite-Server_Mask REPLACE HTTP.RES.HEADER(“Server”) “Web Server 1.0”
Policy Name Action Name Undefined Action Expression
Policy-Rewrite-Server_Mask Action-Rewrite-Server_Mask NOREWRITE HTTP.RES.IS_VALID

Example commands:

> add rewrite action Action-Rewrite-Server_Mask REPLACE HTTP.RES.HEADER("Server") "\"Web Server 1.0\""

> add rewrite policy-Rewrite-Server_Mask HTTP.RES.IS_VALID Action-Rewrite-Server_Mask NOREWRITE

You would then globally bind the rewrite policy, assigning a priority of 100 and setting the Goto Priority Expression of the policy to END.

The HTTP Server: header is now modified to read “Web Server 1.0,” masking the actual HTTP server software used by the Example Inc. Web site.

Example 4: Mask the HTTP server type

In this article