For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

sbobic_232506's avatar
sbobic_232506
Icon for Nimbostratus rankNimbostratus
Dec 15, 2015

Applying iRule to ASM policy - file upload form protection

So, I have found the following iRule which should block the upload of PHP files in file upload forms: when HTTP_REQUEST { if { [HTTP::header exists "Content-Disposition"] } { ...
ASM Advanced WAF
security
Erik_Novak's avatar
Erik_Novak
Icon for Employee rankEmployee
Dec 15, 2015

First, go to Local Traffic >> Virtual Server List and click the VS that you would like to apply the iRule to. Then go the Resources tab of that VS, and add your iRule to the Enabled panel. That will add the iRule as a resource to the VS. The next step is to enable iRule processing on the application security policy. Go to the Properties page of your security policy, and select the Advanced menu option. This will reveal the "Trigger ASM iRule Events" option toward the bottom of the screen. Enable the option, click Save and then Apply Policy.