The http x-online-host blacklist command configures a blacklist used to detect the X-Online-Host field.
The undo http x-online-host blacklist command deletes an existing blacklist.
| Parameter | Description | Value |
|---|---|---|
blacklist |
Specifies a domain name or IP address. |
The value is a string of 4 to 127 characters. |
all |
Deletes all blacklists. |
- |
To use the http x-online-host check command to enable the detection of whether the domain name or IP address in the X-Online-Host field matches a blacklist, you need also to use the http x-online-host blacklist command to configure such a blacklist. If a domain name or IP address in the X-Online-Host field matches the blacklist, an anomaly is detected.
You can configure a maximum of 32 domain names or IP addresses in a blacklist.
# In IPS profile profile1, configure a blacklist used to detect the X-Online-Host field and set the domain name to www.example.com.
<sysname> system-view [sysname] profile type ips name profile1 [sysname-profile-ips-profile1] http x-online-host check blacklist action block [sysname-profile-ips-profile1] http x-online-host blacklist www.example.com