Forum Discussion
ASM attack signature false positive
Hi,
I have 2 application; one of them run on F5-ASM which is AA and other one not which is BB.
BB try to connect AA for some data, but ASM blocked and I could not see any support ID. When i uncheck the attack signature everything is ok. Any idea? Can I uncheck the signature for specific source host.
- JinshuCirrus
Is your policy configured via manual learning? Check the attack detection on Security ›› Application Security ›› Policy Building ›› Manual Traffic Learning, if the violation is detected.
How did you find that ASM is blocking this request? If you have a response page include <%TS.request.ID()%> so that it can display the support id.
Also it is possible to by pass the ASM for specefic IP address if you would like to.
-Jinshu
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com