Hi all, I'm trying to figure out what the requests are that are resulting in the following Varnish responses and how to block them:
* << Request >> 39071654 - Begin req 39071653 rxreq - Timestamp Start: 1721059686.537197 0.000000 0.000000 - Timestamp Req: 1721059686.537197 0.000000 0.000000 - BogoHeader Illegal char 0x20 in header name - HttpGarbage "GET%00" - RespProtocol HTTP/1.1 - RespStatus 400 - RespReason Bad Request - ReqAcct 535 0 535 28 0 28 - End These are on AWS EC2 instances that are behind an Application Load Balancer (ALB) that is connected to a Web Application Firewall (WAF), so in theory I should be able to figure out a rule to add to the WAF to block these. I'd just need to get more information to do so, and AWS support could probably help, but I wanted to check here first if there's any way to get further information about such requests out of Varnish. FWIW, the 0x20 is a space character, but there are also similar requests reporting 0x09 (horizontal tab) characters. Thanks, Justin
_______________________________________________ varnish-misc mailing list [email protected] https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
