The http ssh-over-http check command enables detection of HTTP traffic involving SSH traffic.
The undo http ssh-over-http check command disables detection of HTTP traffic involving SSH traffic.
http ssh-over-http check action { alert | block }
undo http ssh-over-http check
action
Specifies the action.
-
alert
When an HTTP traffic contains the SSH traffic, the packet is permitted, and a log is recorded.
block
When an HTTP traffic contains the SSH traffic, the packet is blocked, and a log is recorded.
Intrusion prevention profile view
2: Configuration level
By default, this function is disabled.
# In IPS profile profile1, enable detection of HTTP traffic involving SSH traffic and set the action to block.
<sysname> system-view [sysname] profile type ips name profile1 [sysname-profile-ips-profile1] http ssh-over-http check action block