<p>I use $_SERVER['HTTP_HOST'] for absolute url paths in my website. But, often, I find nginx error logs of HTTP/1.0 requests with undefined HTTP_HOST.</p> <p>Is it advisable to block these requests? What's the best way to block them? </p>

Should I block HTTP 1.0 request? [closed]

1 Answers

Is it advisable to block these requests?

If your application cannot serve anything meaningful without the host, then it's IMO advisable. Furthermore I couldn't find anything in HTTP 1.1 which says applications have to be backward compatible.

What's the best way to block them?

Answer them with 505 HTTP Version Not Supported.

182

answered Oct 13 '22 11:10

Markus Malkusch

Recent Activity
Apple Pay - authorize.net returns error 153 only when live, sandbox works
How to continue cursor loop even error occured in the loop
python find all neighbours of a given node in a list of lists
Fatal error: Call to a member function setColumn() on a non-object in Magento
Count how many of each value from a field with MySQL and PHP
Python 32-bit development on 64-bit Windows [closed]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!

Donate Us With

Should I block HTTP 1.0 request? [closed]

Tags:

security

php

nginx

Medical physicist

1 Answers

Markus Malkusch

Recent Activity

Donate For Us

Should I block HTTP 1.0 request? [closed]

Tags:

security

php

nginx

Medical physicist

1 Answers

Markus Malkusch

Related questions

Recent Activity

Donate For Us