Forum Discussion

Icon for Altostratus rank

Altostratus

Jul 29, 2025

Solved

Custom Attack Signatures

We are migrating an ASM policy with custom attack signatures created by the user.

How can we translate this to an XC configuration?

These are SQL injection signatures.

Thank you in advance

Miguel_Alvarado
Jul 29, 2025
Currently, F5 XC does not support creating custom attack signatures. However, service policies offer an alternative by detecting patterns in HTTP requests and block those that match.

3 Replies

Miguel_Alvarado
Employee
Jul 29, 2025
Currently, F5 XC does not support creating custom attack signatures. However, service policies offer an alternative by detecting patterns in HTTP requests and block those that match.
Nikoolayy1
MVP
Aug 15, 2025
Miguel_Alvarado F5 XC Distributed Cloud to support custom signatures is a good idea as service policies are not very good for POST request body match even if the option is there or they do not support matching on all HTTP headers or query parameters for example as the header or query parameter names need to be explicitly specified and can't be a wildcard.

Here is an https://www.f5cloudideas.com/ideas/CNSL-I-653 that we can vote on.
- Miguel_Alvarado
  Employee
  Aug 15, 2025
  Nikoolayy1, thank you for tagging me. I’ve voted for the idea of having custom attack signatures in XC. :)

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5