Forum Discussion

Altocumulus

Nov 03, 2024

ASM / WAF - Requests getting blocked due to encoded usernames

Users are trying to login to an application and we believe requests are getting blocked due to encoding happening for the usernames. This is an existing config and no recent changes done. The same a...

security

Nikoolayy1

MVP

Nov 04, 2024

It sounds like the backend app team may have added some encoding to the username parameter. Better sync with them and if it is base64 you have to enable it Securing Base64-Encoded Parameters . Other than that as mentioned in Working with evasion technique detected violations you may need to increase the number of decodings "Multiple decoding" if needed. Also the parameter "Auto Detect" option is interesting Using the 'Auto detect' option for a parameter to reduce false positive violations .

I will suggest if the app team has added base64 you may need to upgrade F5 to the latest version because Attack signature check security exposure

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

ASM / WAF - Requests getting blocked due to encoded usernames

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Problem with sending BotDefense logs to remote server

ASM/AWAF declarative policy

Managing iRules configuration

Changes to DO and AS3 GitHub - no longer monitored

Help with SSH Virtual Server

Related Content

Parse username from HTTP requests

Getting Started on DevCentral

HTTP Request Smuggling Using Chunk Extensions (CVE-2025-55315)

Getting Started With n8n For AI Automation

Let's Get Critical, Critical

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS