Forum Discussion

Cirrostratus

May 25, 2023

ASM block page for use with API waf policy

Hey all! I´ve setup a asm waf policy for a webservice that handels api calls. But the standard response on a block is a 200 OK with the block webpage, which works great if a person can see it on the...

api

application delivery

BIG-IP Access Policy Manager (APM)

policy

Nikoolayy1
May 25, 2023
Also keep in mind that ASM_REQUEST_DONE irule event will show you support id even for good requests, so if you want to insert the header only when there is violation then you can use ASM_REQUEST_BLOCKING as a replacement for ASM_REQUEST_DONE as it will trigger only for bad requests.
kimhenriksen
May 26, 2023
Just an update from me. I found a much much simpler way to accomplish this.
In the settings for the policy and under response and blocking pages, i edit and created a new header and just used the support id variable from the page on the header and that worked like a charm. No irules to apply or anything. 😄

Nikoolayy1

MVP

May 25, 2023

Why not save the ASM::support_id to variable from the "ASM_REQUEST_DONE" event and then in the ''HTTP_RESPONSE'' event just insert the value in a header?

See:

https://clouddocs.f5.com/api/irules/ASM__support_id.html

https://clouddocs.f5.com/api/irules/ASM_REQUEST_DONE.html

https://clouddocs.f5.com/api/irules/ASM_REQUEST_BLOCKING.html

https://clouddocs.f5.com/api/irules/HTTP__header.html

Don't forget to enable the irule event triggering under the ASM policy as by default it is dissabled for some stupid reason.