Forum Discussion

andresneri1's avatar
andresneri1
Icon for Altostratus rankAltostratus
7 months ago
Solved

Custom Attack Signatures

We are migrating an ASM policy with custom attack signatures created by the user.   How can we translate this to an XC configuration? These are SQL injection signatures.    Thank you in advance
signatures
sql injection
xc
  • Miguel_Alvarado's avatar
    Miguel_Alvarado
    7 months ago

    Currently, F5 XC does not support creating custom attack signatures. However, service policies offer an alternative by detecting patterns in HTTP requests and block those that match.

Nikoolayy1's avatar
Nikoolayy1
Icon for MVP rankMVP
7 months ago

Miguel_Alvarado​  F5 XC Distributed Cloud  to support custom signatures is a good idea as service policies are not very good for POST request body match even if the option is there or they do not support matching on all HTTP headers or query parameters for example as the header or query parameter names need to be explicitly specified and can't be a wildcard.

 

Here is an https://www.f5cloudideas.com/ideas/CNSL-I-653 that we can vote on.

  • Miguel_Alvarado's avatar
    Miguel_Alvarado
    Icon for Employee rankEmployee
    7 months ago

    Nikoolayy1​, thank you for tagging me. I’ve voted for the idea of having custom attack signatures in XC. :)