ASM disable violations just for specific requests

Here you go..

Local Traffic > Policies > asm_l7_policy_whatever.website.com > under Rules click on Add, give it a name, like policy_whitelist, operand: http-uri (leave rest of fields default) > condition: choose equals/contains/etc, value = your URI, click add, then click the Add further down where operand/event/etc is located.

In the Actions area, target > asm, action > disable. Click Add where target/event/etc are. and Finished.

Then once back at the main policy page, do a re-order and move the policy_whitelist you created above default, so it will disable on the URI string prior to hitting the default ASM enable.. once you done this once or twice, pretty simple and can be used a lot.

Below Irule also does the same. If you are applying Irule please ignore the above section.

when HTTP_CLASS_SELECTED { 
ASM::enable 
if { [HTTP::uri] starts_with "/sites/pentest/" } { 
ASM::disable 
} 
}

-Jinshu