Forum Discussion
ASM block page for use with API waf policy
- May 25, 2023
Also keep in mind that ASM_REQUEST_DONE irule event will show you support id even for good requests, so if you want to insert the header only when there is violation then you can use ASM_REQUEST_BLOCKING as a replacement for ASM_REQUEST_DONE as it will trigger only for bad requests.
- May 26, 2023
Just an update from me. I found a much much simpler way to accomplish this.
In the settings for the policy and under response and blocking pages, i edit and created a new header and just used the support id variable from the page on the header and that worked like a charm. No irules to apply or anything. 😄
Also keep in mind that ASM_REQUEST_DONE irule event will show you support id even for good requests, so if you want to insert the header only when there is violation then you can use ASM_REQUEST_BLOCKING as a replacement for ASM_REQUEST_DONE as it will trigger only for bad requests.
Just an update from me. I found a much much simpler way to accomplish this.
In the settings for the policy and under response and blocking pages, i edit and created a new header and just used the support id variable from the page on the header and that worked like a charm. No irules to apply or anything. 😄
- c27705074Nov 13, 2023
Altostratus
Hi kimhenriksen
I'm new to ASM and currently having the same issue, I'd like to edit the blocking response page to give the client a negative response instead of the 200K status without using iRule.. Please can you share HTML you used? Thank you in advance.
- kimhenriksenNov 13, 2023
Cirrocumulus
You can accomplish that in the ASM policy settings. Let me check and get back to you. We setup up a like 599 Blocked (not http standard i know, but i works). And also added the supportid as a response header.
- kimhenriksenNov 13, 2023
Cirrocumulus
Choose policies list under security, there you have the list with all your asm policies. Choose the one to edit.
1
Scroll down to response and blocking pages. And on the right you have the block page settings. I havent edited the page itself, only the code and added the SupID: supportid-header.
2
SupID: <%TS.request.ID()%>- c27705074Nov 13, 2023
Altostratus
Thank you kimhenriksen thats was so helpful. you're a lifesaver. I have edited the response page and waiting for the BUs to commence testing. Thank you so much.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com