Does WAF protect my application from HTTP Request Smuggling attacks?
- WAF Policy/Policies
Yes, WAF protects your application from HTTP Request Smuggling attacks.
The following means are used for the protection:
- HTTP protocol compliance failed violation blocking module set to Block with the following sub-violations enabled:
  - Several Content-Length headers
  - Chunked request with Content-Length header
  - Unparsable request content
  - POST request with Content-Length: 0.
- The following WAF attack signatures are enabled:
  - HTTP Desync Attack Attempt, ID 200018061
  - HTTP Response Splitting (1)(Parameter), ID 200023001
  - HTTP Response Splitting (2)(Parameter), ID 200023002
  - HTTP Response Splitting (3)(Parameter), ID 200023003
  - HTTP Response Splitting (4)(Parameter), ID 200023004
  - Non-standard Transfer-Encoding header value, ID 200200002
  - Request Smuggling Attempt (CR Before CL Header), ID 200018085
  - Request Smuggling Attempt (SP/CR after CL), ID 200018086.
For the protection to be successful, the above must be enabled on the related WAF policy. SOC will help you to check if the above is enabled and will enable it for you if it is not.
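
To make the four protocol compliance sub-violations listed above concrete, the following added example (not the WAF's own logic or vendor code) flags each condition in a raw request. The function name, the sample requests and the reading of "Unparsable request content" as a malformed request line or header line are assumptions.

```python
# Added illustration: simplified header checks, not the WAF's own logic.

def smuggling_findings(raw: bytes) -> list[str]:
    """Return the names of the sub-violations a raw HTTP request triggers."""
    head, _, _body = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    parts = lines[0].split(b" ")
    if len(parts) != 3 or not parts[2].startswith(b"HTTP/"):
        return ["Unparsable request content"]
    method = parts[0].upper()
    content_lengths, transfer_encodings = [], []
    for line in lines[1:]:
        name, sep, value = line.partition(b":")
        # Assumption: no colon, whitespace around the header name, or a bare
        # CR/LF inside the line makes the request unparsable.
        if (not sep or not name or name != name.strip()
                or b"\r" in line or b"\n" in line):
            return ["Unparsable request content"]
        key = name.lower()
        if key == b"content-length":
            content_lengths.append(value.strip())
        elif key == b"transfer-encoding":
            transfer_encodings.append(value.strip().lower())
    findings = []
    if len(content_lengths) > 1:
        findings.append("Several Content-Length headers")
    if content_lengths and any(b"chunked" in te for te in transfer_encodings):
        findings.append("Chunked request with Content-Length header")
    if method == b"POST" and content_lengths == [b"0"]:
        findings.append("POST request with Content-Length: 0")
    return findings

# Constructed sample requests (host and paths are placeholders).
HOST = b"Host: app.example\r\n"
CLEAN = b"GET /index.html HTTP/1.1\r\n" + HOST + b"\r\n"
TWO_CL = (b"POST /form HTTP/1.1\r\n" + HOST +
          b"Content-Length: 5\r\nContent-Length: 9\r\n\r\nhello")
CL_TE = (b"POST /form HTTP/1.1\r\n" + HOST +
         b"Content-Length: 5\r\nTransfer-Encoding: chunked\r\n\r\n0\r\n\r\n")
EMPTY_POST = b"POST /form HTTP/1.1\r\n" + HOST + b"Content-Length: 0\r\n\r\n"
BROKEN = b"POST /form HTTP/1.1\r\nHost app.example\r\n\r\n"

if __name__ == "__main__":
    for label, req in [("clean", CLEAN), ("two CL", TWO_CL), ("CL+TE", CL_TE),
                       ("empty POST", EMPTY_POST), ("broken", BROKEN)]:
        print(f"{label}: {smuggling_findings(req) or 'no findings'}")
```

Each condition describes a request whose length or framing a front-end and a back-end server could interpret differently, which is why the policy blocks it rather than forwarding it.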