Forum Discussion

F5Team's avatar
F5Team
Icon for Cirrus rankCirrus
May 31, 2023

ASM - Disable violation for a specific URI

Below is the violation detected for a certain URI. We are looking to disable only for this specific URI Evasion technique detected [1] Detected Evasion Technique Bad unescape Parameter Value "1.0...
security
Mohamed_Ahmed_Kansoh's avatar
Mohamed_Ahmed_Kansoh
Icon for MVP rankMVP
May 31, 2023

Hi F5Team , 

you can use irule like you wrote above also see these Article about 1-ASM irules , 2- how to get the correct name of the violation to specifiy it in the iRule: 
 > https://my.f5.com/manage/s/article/K15573541
 > https://my.f5.com/manage/s/article/K37744422

But what if another violation under ( Evasion Technique Detection ) other than Badunescape one. 

I would recommend to adjust the system variable attribute "ecard_max_http_req_uri_len" to higher value but you need to do that in a maintenance window because you need to restard asm deamon service for the changes to take effect , to do that please refer to this article : 
https://my.f5.com/manage/s/article/K000092642
you will find within it another article with the steps.

I hope that helps you