Activity Processors: Method Processor

GET and POST are two very well known HTTP request methods. A request method is a keyword that tells the server what type of request the user is making. In the case of a GET, the user is requesting a resource. In the case of a POST, the user is submitting data to a resource. There are however, several other supported request methods which include HEAD, PUT, DELETE, TRACE, and OPTIONS. These methods are intended to divide the types of requests into more granular operation. In almost all web application implementations, the PUT, DELETE, TRACE and OPTIONS methods are all left unimplemented. Unfortunately, some systems provide default implementations for things such as TRACE and OPTIONS. As a result, some administrators accidentally expose unprotected services. Hackers often try these different request methods to identify servers which support them, and therefore can be vulnerable.

Table 25: Method Processor Configuration Parameters

Parameter	Type	Default Value	Description
Basic			Whether traffic should be passed through this processor.
Processor Enabled	Boolean	True
Advanced
Block Unknown Methods	Boolean	True	Whether to block requests that contain unknown HTTP methods.
Block Unknown Protocol	Boolean	True	Whether to block requests that contain unknown HTTP protocols.
Known Methods	Collection	Collection	The list of known HTTP methods. Also allows you to customize the action to take for each occurrence of the known HTTP method.
Incident: Illegal Method Requested	Boolean	True	The user issued a request using an HTTP method which is considered illegal.
Incident: Unexpected Method Requested	Boolean	True	The user issued a request using a request method other then GET, POST, and HEAD, which resulted in a server error.
Incident: Missing HTTP Protocol	Boolean	True	No protocol specified in GET line.
Incident: Unknown HTTP Protocol	Boolean	True	Non standard protocol specified in GET line (anything except 0.9, 1.0, 1.1).