Forum Discussion

Cirrostratus

May 15, 2022

Asm capabilities to decode base46 request

i have tried to inject sql injection in my request and encode it , the asm pass the request as 200 . so how can i decode the request to allow asm to read and detect the attack?

application delivery

security

IoF

Altostratus

May 31, 2022

Not sure what ASM version you are on however in Advanced WAF v.15 there is a checkbox for "Base64 Decoding" when defining HTTP Headers or Parameters in the application security policy. Only meant to be enabled it if the value expected is always going to be Base64 encoded, otherwise you will get a ton of violations/errors.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Asm capabilities to decode base46 request

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Managing iRules configuration

CPU load when Prometheus is scraping metrics from F5 BIG-IP LTM

[ASM] - How to disable the SQL injection attack signatures

Illigal Parameter addition as custom signature set wanted to Unblock

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

Related Content

F5 Distributed Cloud (XC) Custom Routes: Capabilities, Limitations, and Key Design Considerations

F5 TIC3.0 Capability Mappings

Decoding the IPv4 address from the persistence cookie

Silverline DDoS capabilities are now available in F5 Distributed Cloud

Fully Decode URI

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS