For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

AlsDevC's avatar
AlsDevC
Icon for Altocumulus rankAltocumulus
May 03, 2023
Solved

Handle False Positive for files upload

Hi folks,  I'm wondering how to handle uploading files through XC. For example, I have a URL used for uploading files to a web application, say /upload. The files appear to be scanned by XC which d...
  • Sudhir_Patamsetti's avatar
    Sudhir_Patamsetti
    May 03, 2023

    Yes, the reocmmendation is to leave it "enabled" ( the feature is enabled in the default policy ).

    Regarding the comment "lowered the level of protection against SQL Injection type attacks" , could you please open a support ticket with the details ? We will review and make improvements as needed to the model

AlsDevC's avatar
AlsDevC
Icon for Altocumulus rankAltocumulus
May 03, 2023

Stephen,

Thanks for your quick feedback. Maybe I'm expressing myself badly. I know how to put an exception but I was hoping for another method than putting an exception for each matched signature.

BR.

 

 

Sudhir_Patamsetti's avatar
Sudhir_Patamsetti
Ret. Employee
May 03, 2023

Can you share the "state" of those signatures , for that security event? You should find that in the information section. Ideally, these signatures should be "autosuppressed" by the "automatic attack signatures tuning" capability