Forum Discussion

Nimbostratus

Nov 10, 2013

ASM detecting but not blocking the attack

Hello all, I am using ASM and a Apache Tomcat based web application behind it. I am testing negative security accuracy of the ASM and realized that it is not blocking the attacks even it detect...

Nimbostratus

Jan 23, 2014

Hey Guys, I'm currently dealing with the same behaviour. I'm running 11.4 and staging is disabled. I am trying to lock down an ASM policy so that only certain URLs are made public. I do see the URLs being registered as illegal in event logging, but we are still able to access them through the device. This is happening in my manual, and automatic policies. In the uatomatic policy, I see that access to these URLs ends up in the "violations on URLs" category. Since illegal URL isn't really a signature, I should be able to simply block this by adding it to the disallowed URL category, right?

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

ASM detecting but not blocking the attack

Recent Discussions

APM with EntraID as idP / request signed

Should config via cli rather than gui?

Background Tasks

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Increasing accuracy using Bad Actor and Attacked Destination detection

The HTTP/2 CONTINUATION frame attack

ESRP Strategies: DNS Water Torture Attack

JA4 Part 2: Detecting and Mitigating Based on Dynamic JA4 Reputation

SSL Orchestrator Advanced Use Cases: Detecting Generative AI

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS