Forum Discussion

Altocumulus

May 03, 2023

Handle False Positive for files upload

Hi folks, I'm wondering how to handle uploading files through XC. For example, I have a URL used for uploading files to a web application, say /upload. The files appear to be scanned by XC which d...

Sudhir_Patamsetti
May 03, 2023
Yes, the reocmmendation is to leave it "enabled" ( the feature is enabled in the default policy ).

Regarding the comment "lowered the level of protection against SQL Injection type attacks" , could you please open a support ticket with the details ? We will review and make improvements as needed to the model

AlsDevC

Altocumulus

May 04, 2023

Hi Sudhir, I re-enable the option and my file ipload works correctly, i see the request is triggered by WAF but signatures are in Autosuppressed state. It answer my initial question, thanks.
I'll open a case for SQL Injection are passing when I activate the feature.

Thanks all.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Handle False Positive for files upload

Recent Discussions

Handle False Positive for files upload

failed to find TLS certificate objects, no entry finder provided

F5 Distributed Cloud HTTP Load balancer

New feature required in XC ?

Network connectors types ?

Related Content

Positive Security vs. Negative Security: A Comparison Using F5's Security Portfolio

F5 Distributed Cloud WAF AI/ML Model to Suppress False Positives

File Uploads and ASM

AI Security : Prompt Injection and Insecure Output Handling.

CMS causing False Positives

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS