Hello,
I'd like to block requests that contain a specific Header "X-Forwarded-Host" using a rule in my Web ACL by using a "Size match condition" (like it is also demonstrated in Option 2 from this guide: https://aws.amazon.com/de/premiumsupport/knowledge-center/waf-block-http-requests-no-user-agent/)
I tired four scenarios but none was able to match the requests where the Header was set.
- If matches: Size greater than or equal to 0 -> matches nothing
- if matches: Size less than or equal to 0 -> matches nothing
- If NOT matches: Size greater than or equal to 0 -> matches every request without the header
- if NOT matches: Size less than or equal to 0 -> matches every request without the header
Expected behavior would be that 1. or 4. would match the requests.
Am I overlooking something here or is there a different solution?
Thank you for your time