Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Block hostile http methods?

    Scheduled Pinned Locked Moved Firewalling
    2 Posts 2 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      Section9_Bateau
      last edited by

      Alright, subject mostly describes what I am trying to do, I have a system which is behind a pfsense 2.0 firewall (yes, I know it is beta, I could switch to 1.2 if necessary).  It has recently come under attack from a source using various IPs to send non-standard http methods (things like shellcode attacks, unfriendly messages, etc.).

      I would like to just block those all at the firewall if at all possible.  (Likely just check within the http session, and if method is anything other then get or post, as that is all I use, then RST the connection to free resources on the webserver, and drop the packet, no response to attacker.)

      Can anyone provide advice on how to do that?  Thanks in advance!

      1 Reply Last reply Reply Quote 0
      • E
        Efonnes
        last edited by

        You would probably either need to set up the web server to not allow HTTP methods other than get or post or set up a reverse proxy and block them there.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.