Alarm for HTTPS Protocol Mismatch
This rule returns true and raises an alarm if an application other than HTTPS is detected on destination port 443.
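-- Flow rule: alarm when the application identified on destination port 443
-- is anything other than 'https'.
--
-- Parameters:
--   dpiMsg     - flow/DPI message handed to the rule by the engine
--   ruleEngine - rule engine handle, passed through to TriggerUserAlarm
--
-- Returns:
--   true  when a mismatch was found and a 'medium' user alarm was triggered
--   false in every other case (flow not final, destination port is not 443,
--         or the application is 'https')
--
-- Detection scope, as written:
--   * Only the destination port is inspected, and only the value 443.
--   * The application label is compared with the exact string 'https', so
--     every other label on 443 alarms, including other TLS-based protocols
--     if the classifier gives them their own label. Expect to tune for those.
function Flow_AlarmForHTTPSProtocolMismatch (dpiMsg, ruleEngine)
    require 'LOG'

    -- Evaluate once per flow, on the final record only.
    if not IsFinalShortFlow(dpiMsg) then
        return false
    end
    EZINFO('final flow')

    local port_dst = GetInt(dpiMsg, 'internal', 'destport')
    if port_dst ~= 443 then
        return false
    end
    EZINFO('443')

    local my_application = GetLatestApplication(dpiMsg)
    -- NOTE(review): whether GetLatestApplication can return nil is not visible
    -- here; tostring() keeps the log concatenations from raising in that case,
    -- so an unclassified flow is reported instead of aborting the rule.
    local app_label = tostring(my_application)
    EZINFO('Application '.. app_label)

    if my_application ~= 'https' then
        EZWARNING("Protocol Mismatch -" .. app_label .. ' on 443')
        TriggerUserAlarm(dpiMsg, ruleEngine, 'medium')
        -- The rule description says the rule returns true when it alarms;
        -- the original fell off the end and returned nil.
        return true
    end

    return false
end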