LogoLogo
  • ShieldsGuard - User Guide
  • Installation Steps
    • Shields Guard Installation
    • Shields Guard SEG Installation
  • Getting Started
    • 1. General Welcome and Site Management Panel
    • 2. Overview
      • 2.1 Today's Data
      • 2.2 Country Statistics
      • 2.3 URL Statistics
      • 2.4 IP Statistics
      • 2.5 HTTP Status Statistics
    • 3. Protection
      • 3.1 DDoS Protection
        • 3.1.1 Google Recaptcha Setup
        • 3.1.2 Friendly Captcha Setup
      • 3.2 WAF – Web Application Firewall
    • 4. Security Rules
      • 4.1 BlackList & WhiteList
      • 4.2 User Agent Filtering
      • 4.3 Query String Filtering
      • 4.4 HTTP Header Filtering
      • 4.5 Block POST Values
      • 4.6 Custom Headers
      • 4.7 Block URL Requests
      • 4.8 URL Path Blocking
      • 4.9 Encrypt Path
      • 4.10 Remove Request Value
      • 4.11 Exclude Directories from Protection
    • 5. Logs
      • 5.1 Access Log
      • 5.2 Security Log
    • 6. Asset Management
      • 6.1 Asset Management
      • 6.2 Network Topology
      • 6.3 Vulnerability Scan
    • 7. Access
  • 8. DNS
  • 9. SSL
  • 10. Subdomain Manage
  • 11. Edit Page
  • ShieldsGuard SEG
    • 1. SEG Dashboard
    • 2. Reporting
    • 3. Analyzed
      • 3.1 Files
      • 3.2 URL
      • 3.3 Mail
      • 3.4 Domain
    • 4. Mail Settings
      • 4.1 File
      • 4.2 Mail Body
      • 4.3 Sender Domain
Powered by GitBook
On this page
Export as PDF
  1. Getting Started
  2. 4. Security Rules

4.5 Block POST Values

📘 Overview

The Block POST Values module allows you to block incoming HTTP POST requests based on specific field names and values in the request body. This helps stop malicious or unwanted content before it reaches your backend.

🛠️ How It Works

You define two things:

  • POST Key: The name of the POST parameter you want to inspect (e.g., message, username, comment, bio)

  • POST Content: The exact value to block within that field

If a match is found, the request is immediately blocked at the edge.

⚙️ How to Add a Block Rule

  1. Go to Security Rules > Block POST Values

  2. Click Add New Rule

  3. Enter:

    • Enter Post Key: the POST parameter to monitor

    • Enter Post Content: the value that should trigger blocking

  4. Click Block

  5. The rule is enforced instantly

📋 Example Use Case

  • Block POSTs where the field comment contains the value buy now

  • Block username field if it contains admin (to prevent impersonation)

🔐 Why This Matters

Blocking harmful content at the POST layer helps prevent:

  • Spam submissions in contact forms or comments

  • Basic SQL injection or XSS payloads

  • Unwanted automated POSTs or abuse attempts

This feature acts as a first line of defense.

🎯 POST Value Blocking is a fast and simple way to filter out known bad inputs before they can do harm.

Previous4.4 HTTP Header FilteringNext4.6 Custom Headers

Last updated 9 days ago