Dear all,
Imperva WAF has it's default number of allowed headers per request/response to perform security checking. However, nowadays it seems quite common that security & network devices would insert some headers into the request and consequently it becomes much easier to trigger the Too Many Headers per Request/Response violations with the default value. I think the Imperva WAF checking is good and I don't prefer to add exception to bypass that. Instead, I would like to know if there is any way to modify the default value of allowed headers per request/response to match our application environment?
Thank you.
#On-PremisesWAF(formerlySecuresphere)------------------------------
Ken Chau
IT Manager
------------------------------