Forum Discussion

Nimbostratus

Nov 04, 2024

ASM / WAF - Requests getting blocked due to encoded usernames

Users are trying to login to an application and we believe requests are getting blocked due to encoding happening for the usernames. This is an existing config and no recent changes done. The same a...

security

Nikoolayy1

MVP

Nov 04, 2024

It sounds like the backend app team may have added some encoding to the username parameter. Better sync with them and if it is base64 you have to enable it Securing Base64-Encoded Parameters . Other than that as mentioned in Working with evasion technique detected violations you may need to increase the number of decodings "Multiple decoding" if needed. Also the parameter "Auto Detect" option is interesting Using the 'Auto detect' option for a parameter to reduce false positive violations .

I will suggest if the app team has added base64 you may need to upgrade F5 to the latest version because Attack signature check security exposure

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

ASM / WAF - Requests getting blocked due to encoded usernames

Recent Discussions

फोनपे में गलत ट्रांजेक्शन

फोनपे में गलत ट्रांजेक्शन

फोनपे में गलत ट्रांजेक्शन

F5 101 EXAM

GEARHEAD ENGINEERS ORG: HOW TO GET YOUR BITCOIN OR ANY OTHER CRYPTOCURRENCY BACK FROM A SCAMMER.

Related Content

Parse username from HTTP requests

Get Started With Kubernetes SIG Gateway API

Getting Started with BIG-IP Next: Adding Instances to Central Manager

ASM Brute-Force - Common Username

Require username and password for virtual server

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS