Forum Discussion

Cumulonimbus

Nov 26, 2018

ASM: "Illegal Request"

I have come across a weird problem. A user access was blocked, with a support ID displayed. After searching the event log withe the support ID, I found that there was no learning suggestion for the a...

Altocumulus

Nov 26, 2018

That’s weird. It should show the violation it caused. BTW,

illegal request is like it’s Flagged and but not Blocked

. Best solution here would be to recreate the issue and look up the event logs for the violation it caused. Like illegal uri, illegal param, cookie hijack, session hijack, etc. so we need to know to the violation to poke the hole in ASM policy.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

ASM: "Illegal Request"

Security Best Practices for F5 Products

F5 AppWorld 2026 Registration - early bird pricing.

Kostas Injeyan - October 2025 Featured Member

Recent Discussions

Cannot ping external interface

Dump all host running services during APM logon

NGINX event logs send to F5 Data Collection Device and analysis from BIG-IQ it possible or not?

Failed to execute iptable cmd: ," CMD="iptables -A SSH_ALLOW_RULES error

HA Failover between two Datacenters

Related Content

Difference between "Illegal" and "Blocked" request

I-rule for adapt request "response page"

Seeing "echo (ping) request -- (no response found!)" from a ACI leaf to the F5 floating ip

File Uploads and ASM

How can I add an "Illegal Header" in the Advanced WAF.

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS