Protocol validation

Configure protocol validation rules
Service protocol validation
Prevent malformed request methods

The protocol validation policy group verifies the HTTP and HTTPS protocols used by clients to request content from your website’s origin server. If the request meets the protocol-specific requirements, the transaction is allowed, while all non-compliant transactions are blocked.

Configure protocol validation rules

You can review and configure protocol validation rules in the Gcore Customer Portal: 1. Navigate to WAAP > Bot Management. 2. In the domain dropdown at the top of the page, select the needed domain. 3. The Bot Attacks tab contains protocol validation rules such as Invalid user agent and Unknown user agent.

InfoAll protocol validation policies are enabled by default. To change the policy mode, click the Mode dropdown and select Protection or Disabled.

Service protocol validation

Block clients that try to interfere with the service’s internal calls, such as tampering with cookies or request headers.

Prevent malformed request methods

Enforce HTTP RFC requirements that define how the client is supposed to interact with the server. If the requests don’t meet the RFC standards, the client will be challenged with CAPTCHA or JavaScript validation. Clients that fail to pass the validation will be blocked.

Advanced API protection Response pages

⌘I

Account settings

CDN

FastEdge

Edge Cloud

Edge AI

Managed DNS

Hosting

Object Storage

Video Streaming

DDoS protection

Edge Proxy

WAAP

Configure protocol validation rules

Service protocol validation

Prevent malformed request methods

Account settings

CDN

FastEdge

Edge Cloud

Edge AI

Managed DNS

Hosting

Object Storage

Video Streaming

DDoS protection

Edge Proxy

WAAP

Documentation Index

​Configure protocol validation rules

​Service protocol validation

​Prevent malformed request methods

Configure protocol validation rules

Service protocol validation

Prevent malformed request methods