Block Requests for Web Access Based on HTTP Methods
You can block a request for web access originating from a client of Secure Web Gateway based on a particular HTTP method that is included in this request. You can also select more than one method and block requests accordingly.
To enable blocking, import the HTTP Method Blocking rule set. After the import, you will find this rule set on the policy tree under Common Rules. Proceed as follows to go there and configure blocking based on HTTP methods.
- Select Policy > Web Policy > Policy.
- From the policy tree, select Common Rules | HTTP Method Blocking.
- Under These rules apply to all traffic, leave the default scope, which applies this rule set to all web traffic, or click Edit and select criteria to limit this scope. You can limit the scope, for example, to depend on location or client IP addresses.
- Select an HTTP method to block any web request that includes it, for example, the POST method. Select more methods as needed.
You have now configured blocking for web requests based on the HTTP methods you selected.