Block hostile http methods?



  • Alright, subject mostly describes what I am trying to do, I have a system which is behind a pfsense 2.0 firewall (yes, I know it is beta, I could switch to 1.2 if necessary).  It has recently come under attack from a source using various IPs to send non-standard http methods (things like shellcode attacks, unfriendly messages, etc.).

    I would like to just block those all at the firewall if at all possible.  (Likely just check within the http session, and if method is anything other then get or post, as that is all I use, then RST the connection to free resources on the webserver, and drop the packet, no response to attacker.)

    Can anyone provide advice on how to do that?  Thanks in advance!



  • You would probably either need to set up the web server to not allow HTTP methods other than get or post or set up a reverse proxy and block them there.


Locked