Header ordering causing WAF to trigger, any suggestions?
-
Hey,
So after much debugging, I found that the source of my problem I was facing for my config is that The order in which Openbullet is sending the headers, is causing the WAF to detect it as malicious. If changed using burp, the request goes through fine. Is there a way to specify an order to the headers?
-
If you want to have 100% control over your HTTP request then I suggest using TCP and writing the request manually
-
@Ruri said in Header ordering causing WAF to trigger, any suggestions?:
If you want to have 100% control over your HTTP request then I suggest using TCP and writing the request manually
Ill Look into it thank you! I'm guessing that is a feature on openbullet right?
-
OB1 can already do this but without proxies. If you need proxy support you need to wait OB2.
-
@Ruri said in Header ordering causing WAF to trigger, any suggestions?:
OB1 can already do this but without proxies. If you need proxy support you need to wait OB2.
Gottcha, I need proxys for this config, I'll wait, I'm going to try and make a simple python checker for this site though, Thanks a bunch for the help