Mitigating Host Header Attacks on Oracle WebLogic Server
(Doc ID 2356316.1)
Last updated on MARCH 13, 2023
Oracle WebLogic Server - Version 10.3.6 and later Information in this document applies to any platform.
Mitigating Host Header Attacks on Oracle WebLogic Server 11g/12c
Oracle strongly recommends configuring WebLogic to avoid HOST header attacks by either configuring frontend host/port for WebLogic Server domain or configuring redirect-with-absolute-url option in the weblogic.xml of applications. This document provides instructions for both of these options.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!