Restrict Request Headers
A request header is an HTTP header that can be used in an HTTP request to provide information about the request context, so that the server can tailor the response. For example, the Accept- headers indicate the allowed and preferred formats of the response.
Threat actors attempting to gain control of websites will typically inject code into a request header. If the website is not protected, it may “dump” memory back as the reply – allowing the threat actor to possibly have access to passwords and usernames that are active.
By enabling this feature, the SonicWall SMA 100 series will not allow anything except what is expected in the header – thus not allowing for injection type attacks on the webservice.
Was This Article Helpful?
Help us to improve our support portal