Restricting client access based on the Host http header

Comments

Hi Team,

About this issue, i have applied the expression filter but it wont work. I am using alias name as localhost and i got 403 forbidden error.
response-code(403)"/>

in this expression where should i give my host lists or hostname?

I want achieve the below mentioned rules.

Application should not trust the host header blindly
Developers should configure the whitelist of allowed hostnames.
Application should be configured with server name indication (SNI) functionality.

Thanks,
Dhanushkodi

Started 2020-03-06T21:37:55+00:00 by

Star bct

Newbie 17 points

Responses

Here are the common uses of Markdown.

Code blocks

~~~
Code surrounded in tildes is easier to read
~~~

Links/URLs

[Red Hat Customer Portal](https://access.redhat.com)

Select Your Language

Restricting client access based on the Host http header

Responses

Quick Links

Help

Site Info

Related Sites

About

Red Hat legal and privacy links

Red Hat legal and privacy links

Responses

Quick Links

Help

Site Info

Related Sites

Systems Status

About

Red Hat legal and privacy links

Red Hat legal and privacy links