Issue:
We're running a Web Agent on Apache. We are facing issues with HTTP
requests having the Range header "bytes=100-200,201-300":
GET /mytestfile.html HTTP/1.1
Host: mymachine.mydomain.com
Range: bytes=100-200,201-300
User-Agent: Mozilla/4.61 [en] (WinNT; I)
We get error 403 Forbidden.
If the request presents the Range header as "bytes=100-200", we receive 101
bytes of the resource and the request is processed correctly.
Why does this happen?
Environment:
Web Agent on 12.52SP1CR00 on Apache 2.4.25
Cause:
This issue is outside our Web Agent.
A security measure that allows only certain characters in the Range header, like the one described in this note, causes the issue:
https://www.trustwave.com/Resources/SpiderLabs-Blog/(Updated)-Mitigation-of-Apache-Range-Header-DoS-Attack/
Resolution:
You can fix this issue by allowing only two ranges, such as
bytes=300-400,401-500, and not more. This will eliminate the risk of
DoS and the request will work.
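One way to express this limit, shown as an added example that is not the configuration from the original note. It assumes the Range restriction is implemented as a mod_rewrite allowlist in the server or virtual-host context; the "before" rule is constructed to reproduce the 403 described above.

```apache
# Added example. Assumption: the Range header filter is a mod_rewrite
# allowlist; the actual rule in place is not shown in this note.
RewriteEngine On

# Before (constructed): only a single byte range matches the allowlist,
# so "Range: bytes=100-200,201-300" is answered with 403 Forbidden
# because the comma is not an allowed character.
#RewriteCond %{HTTP:Range} !^$
#RewriteCond %{HTTP:Range} !^bytes=([0-9]+-[0-9]*|-[0-9]+)$ [NC]
#RewriteRule ^ - [F]

# After: one range, or two ranges separated by a single comma, pass.
# Three or more ranges, or any other character, still get 403 Forbidden.
# The first condition skips requests that carry no Range header at all.
RewriteCond %{HTTP:Range} !^$
RewriteCond %{HTTP:Range} !^bytes=([0-9]+-[0-9]*|-[0-9]+)(\s*,\s*([0-9]+-[0-9]*|-[0-9]+))?$ [NC]
RewriteRule ^ - [F]
```

With the relaxed rule, "bytes=100-200" and "bytes=100-200,201-300" are both served, while a header listing three or more ranges is still rejected.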
KD : TEC1276053