Advanced: Host Header Validation
Use the Security > Advanced > Host Header Validation options to enhance security of incoming HTTP traffic in Ivanti EPMM, by validating HTTP host headers. When you enable this feature, incoming HTTP host headers must contain either the specified internal hostname or the allowed external hostnames.
This section includes the following topics:
Selecting host header validation
Procedure
To validate host headers in your Ivanti EPMM HTTP traffic:
- Log into System Manager.
- Go to Security > Advanced > Host Header Validation.
- Go to the Strict Host Header Validation options.
-
Modify the fields, as necessary.
Refer to Strict Host Header Validation options table for more information.
- Click Apply > OK.
Strict Host Header Validation options
The following table summarizes the Strict Host Header Validation options:
Fields |
Description |
Enable Strict Host Header Validation |
Check this option to enable HTTP host header validation. |
Internal Server Names |
The internal server name is displayed. |
External Server Name |
(Optional) Specify one or more external server names that are trusted in the HTTP host header. |