For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Amine_373499's avatar
Amine_373499
Icon for Nimbostratus rankNimbostratus
Dec 24, 2018

ASM : Allow specific tricky URL

Good morning all , Well i have to URL that are driving me crazy and i cannot figure out the best way to allow : first one : /email/id_user/user@outlook.com ==> trigger violation of file ty...
ASM Advanced WAF
iRules
security
DaveMu_375542's avatar
DaveMu_375542
Icon for Nimbostratus rankNimbostratus
Dec 24, 2018

As to your first question, you could add each of those top level domains to the Allowed File Types. Each violation in the ASM logs should also allow you to learn them individually. If that's impractical for you, you could also write an iRule. It could say something like, IF the URI starts with "/email/id_user/", AND triggers a File Type Violation, it should be UNBLOCKED, but any other violations should remain BLOCKED.

 

Amine_373499's avatar
Amine_373499
Icon for Nimbostratus rankNimbostratus
Dec 25, 2018

it's impossible to do it with file type, cauz i ll need to add a lot of extention .ma . fr .com .edu ... a lot .. So i love u're second suggestion ! but can you help more , i've no idea to make it work with Irule !

 

and also i want to thank you for ur help !