HTTP: HTTP Version 1.0 with Host Header

This signature detects HTTP version 1.0 requests which include a "Host" header. RFC-1945 defines the HTTP 1.0 protocol, which does not support host headers. Most HTTP servers will accept host headers from a version 1.0 request regardless. Some poorly-written HTTP clients, including malware and DDOS programs, will attempt to send a host header with a version 1.0 request. This request is technically incorrect, however, it is not inherently malicious.

Short Name
HTTP:AUDIT:HTTP-1.0-HOST-HEADER
Severity
Warning
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
1.0 HTTP Header Host Version with
Release Date
07/18/2011
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3324
False Positive
Occasionally

Found a potential security threat?