For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Harry1's avatar
Harry1
Icon for Nimbostratus rankNimbostratus
Aug 18, 2017

ASM is detecting sql injection but still i am able to launch attack

Hi,   I am just working on my ASM lab via PHPauction web site. after putting ASM in block mode ,Sql Injection attack is detecting but still I am able to launch attack. I mean when I am...
application delivery
ASM Advanced WAF
Jad_Tabbara__J1's avatar
Jad_Tabbara__J1
Icon for Cirrostratus rankCirrostratus
Aug 18, 2017

Hello Harry,

 

First what version are you running ?

 

Could you verify following :

 

1) In the "Blocking Settings" page, column "Block" for "Attack Signatures" must be check. Could you take a screen shot of this menu ? I want to know which "Signature Set Name" are activated.

 

2) Also you must enforce "Attack Signatures" or uncheck the "Enable Signature Staging" if not already done.

 

After that if your policy is in blocking mode it will block Attack Signatures.

 

FYI, in general to block an entity you must have followings :

 

  • Policy in "Blocking Mode"
  • the specific "Entity" Enforced (not in Staging mode)
  • in the "Blocking settings the column "Block" is check

Hope it helps,

 

Give us a feedback

 

Regards