Forum Discussion

Cumulonimbus

Nov 25, 2018

ASM: "Illegal Request"

I have come across a weird problem. A user access was blocked, with a support ID displayed. After searching the event log withe the support ID, I found that there was no learning suggestion for the a...

Altocumulus

Nov 25, 2018

That’s weird. It should show the violation it caused. BTW,

illegal request is like it’s Flagged and but not Blocked

. Best solution here would be to recreate the issue and look up the event logs for the violation it caused. Like illegal uri, illegal param, cookie hijack, session hijack, etc. so we need to know to the violation to poke the hole in ASM policy.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

ASM: "Illegal Request"

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

How to configure ssh access by key on F5OS

Help with an iRule to disconnect active connections to Pool Members that are "offline"

Questions on R-Series 5800s

iRule Approach to Mask Authorization Header for Bot Defense Logging – Validation Needed

Cloud Apps Protection

Related Content

Difference between "Illegal" and "Blocked" request

I-rule for adapt request "response page"

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

File Uploads and ASM

How can I add an "Illegal Header" in the Advanced WAF.

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS