For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Stefan_Klotz_85's avatar
Stefan_Klotz_85
Icon for Cirrus rankCirrus
Dec 21, 2015

ASM disable violations just for specific requests

During creation and fine-tuning of an ASM-policy (based on manually Rapid Deployment) we found lots of valid requests, which trigger for example an Attack Signature or RFC compliances checks. But ins...
ASM Advanced WAF
security
waf
Stefan_Klotz's avatar
Stefan_Klotz
Icon for Cumulonimbus rankCumulonimbus
Dec 21, 2015

So isn't there any overview, which violation types (currently we are only talking about Attack Signatures and RFC violations) can be disabled on a specific entity instead of disabling it globally for the whole policy? I mean for headers for example there is a option to disable "Evasion Techniques Violations". Or Attack Signatures can be disabled just for a specific parameter. Is something similar possible on URL-level as well?

 

The problem I have is that the application code contains valid requests, which trigger specific violations. And although some of them are also not RFC compliant and I assume changing this directly in the application is not possible, I was wondering (to minimize security risk) if it's possible to exclude these specific violations just for affected requests (e.g. URL).

 

Ciao Stefan :)