About BIG-IP ASM system to enforce URL flows

Question

Hello experts,https://my.f5.com/manage/s/article/K64208044Can you tell me how to determine the traffic that is executing the URL, and whether it is relying on the "Referer"header to judge?If the site doesn't have "Referer"header does that mean you can't use this feature?Any help is appreciate.Thanks !!

nikoolayy1 · Answer

I admit I am not fully understanding your questions.
&nbsp;
Yes , flow is based on Referrer headers and the entrypoint URL can be directly called as it it is start endpoint of the flow. This is like for example a main web page and after that the main page can have images that are located in other urls that will be accessed with web requests with referrer headers that show the main page.
&nbsp;
You can enable the flow violations in learn and alarm and test the feature by accessing url that that shouldn't be accessed directly (not the flow entrypoint URL). This is how you can test without blocking traffic and seeing the request log 😉 Also read about flow parameters as well.
&nbsp;
Also see:
&nbsp;
Advanced WAF / BIG-IP ASM parameter matching (f5.com)
https://techdocs.f5.com/en-us/bigip-15-0-0/big-ip-asm-implementations/adding-entities-to-a-security-policy.html
&nbsp;

Forum Discussion

About BIG-IP ASM system to enforce URL flows

1 Reply

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

Troubleshooting high CPU utilisation on BIG-IP systems

Automating Certificate Management on F5 BIG-IP

Troubleshooting OSPF on BIG-IP systems

Re: Security Best Practices for BIG-IP & BIG-IQ systems

Introducing the F5 AI Assistant for BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS