Blocking PROPFIND HTTP method with F5 load balancers

when HTTP_REQUEST {
switch [HTTP::method] {
"PROPFIND" {
if { !([IP::addr [IP::client_addr] equals 10.0.0.0/8]) } {
# deny PROPFIND HTTP/WebDAV method from untrusted networks
HTTP::respond 405 content "Method not allowed"
return
}
}
}
}
  • switch [HTTP::method] triggers when PROPFIND method is used for the request.
  • if { ... } block checks whether the client is coming from 10.0.0.0/8 CIDR block, and sends 405 HTTP error code if not.

--

--

Random rumblings about #InfoSec. The opinions expressed here are my own and not necessarily those of my employer.

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Airman

Airman

Random rumblings about #InfoSec. The opinions expressed here are my own and not necessarily those of my employer.