5 Replies Latest reply on Oct 22, 2012 9:23 AM by maitane

    Access to website denied

    maitane

      Hi,
      We´re having problems to acces to a website. Our MFE is blocking it and the audit shows "Invalid host name in a Host header"
      This doesn´t happens always, for example if I refresh the webpage after the blocking, sometimes I can access to it.
      I´ve read about this issue in the KB68431 and then I´ve created a rule allowing connections to the certain ip destination host.
      But even matching the rule, it continues blocking.

      Is anybody having this same problem?
      How did you fix it?

      Thanks in advance.

      Regards.

        • 1. Re: Access to website denied
          maitane

          Sorry, the webpage I´m trying to access is:

          mapasinteractivos.didactalia.net

          • 2. Re: Access to website denied
            PhilM

            The error you are receiving suggests that something within the header of the site is violating the HTTP application defense in place.

             

            Can you tell us which version you are running as between versions 6, 7 & 8 the way to approach this is quite different.

             

            -Phil.

            • 3. Re: Access to website denied
              maitane

              Hi Phil,

              I´m using 8.2.1 version

              • 4. Re: Access to website denied
                PhilM

                In v8, what you can do is to go to the Application Defenses screen (Policy -> Application Defenses -> Defenses), locate the default HTTP defense and make a duplicate copy.

                 

                Edit this new entry and you'll probably find that the setting you want to relax is likely to be located under the HTTP URL Control section (but could be in the HTTP Request or Reply tabs). Once you've changed the setting you can then create a new application defense group, with the HTTP option configured to use your new HTTP app defense and, finally, apply this new defense group to your rule.

                 

                Alternatively, if you don't want to concern yourself too much with individual settings, you could just straight to the Application Defense Group screen, make a duplicate copy of the group currently being used in the affected rule, set the HTTP option to "None" and apply this to the rule. This will result in the rule performing no HTTP-level inspection at all.

                 

                -Phil.

                • 5. Re: Access to website denied
                  maitane

                  Thanks very much Phil.