7. Procedure – Disabling HTTP byteranges and download managers
Purpose:
Downloading byteranges (used also by download managers) can confuse antivirus applications, or often make it impossible to perform virus filtering on the downloaded file. Therefore, you might want to forbid the use of byteranges. Disabling byteranges has the following effects:
Virus filtering becomes possible in the downloaded data.
Download managers will not work. (The security policy of many organizations forbids using download managers anyway.)
The clients cannot resume incomplete downloads.
To disable byteranges, you have to configure your HTTP proxy (for example, HttpVirusProxy) to forbid the use of certain HTTP headers. Complete the following steps.
Steps:
Select
, then select theHttpVirusProxy
proxy class.Add the
self.response_header
attribute to the panel.Select this new attribute, then click
.Enter
Accept-Ranges
, then click .The server sends the
Accept-Ranges: bytes
HTTP header to inform the client about the type of range requests it accepts (RFC 2616 14.5). If the server does not support range requests, it sends the following header to explicitly deny the use of byte-ranges:Accept-Ranges: none
.To delete every
Accept-Ranges
header from the HTTP traffic, click on the text in the field, then selectconst_http_hdr_drop
.Python:
self.response_header["Accept-Ranges"] = (HTTP_HDR_DROP)
Note The client can send byterange requests to the server, because the absence of the header does not mean that the server does not support downloading byteranges.
To explicitly state that the server does not support byteranges, click on the text in the
field, then selecttype_http_hdr_replace
. Click , then enterNONE
.Python:
self.response_header["Accept-Ranges"] = (HTTP_HDR_REPLACE, "NONE")
Note That still does not mean that the client cannot send byterange requests.
To ensure that the clients cannot use byteranges, you can delete the
Range
header from the client requests, or even reject the entre request.To delete only the
Range
header and leave the rest of the request unchanged, add theRange
key to the attribute, it to typeconst_http_hdr_drop
.Python:
self.request_header["Range"] = (HTTP_HDR_DROP)
To reject the entire request, add the
Range
key to the attribute, it to typeconst_http_hdr_abort
.Python:
self.request_header["Range"] = (HTTP_HDR_ABORT)
© 2021 BalaSys IT Security.
Send your comments to support@balasys.hu