Forum Discussion

Nimbostratus

12 years ago

Solved

ASM Learning Fine Tuning (illegal meta characters in value)

Hello Experts My ASM policy is in transparent mode and configured as manually that is through wildcards for URL, Parameters and file types. I am getting violations "illegal meta characters...

ASM Advanced WAF

deployment

security

Vitaliy_Savrans
12 years ago
Hi,

You must decide wich meta characters is allowed for the parameters.
If you accept suggestion for wildcard parameters illegal meta characters would be accepted for all parameters but not for particular learned parameters.
Allowed: Specifies that the character or meta character can occur in parameter values. Disallowed: Specifies that the character or meta character can not occur in parameter values.
This settings came from /Security/Application Security/Parameters/Characters Sets

Vitaliy_Savrans

Nacreous

12 years ago

you can accept learning suggestion, if you don't see parameter name. I had the same issue and didn't find the way how to get parameter name wich had violation from logs.

Vitaliy_Savrans

Nacreous

12 years ago

Yes, it will be accepted under wildcard parameter. If it's showing the parameter name you can accept learning suggestion and it will work only for that parameter.

Forum Discussion

ASM Learning Fine Tuning (illegal meta characters in value)

Recent Discussions

ASM attack signatures not syncing between active and standby F5

Hardware BIG-IP appliance reach EOSS, but the software version running on it not yet?

VPN Communication Error with F5 BIG-IP Edge Client

simultaneous disabling / enabling of all LTM objects

Query on source IP preservation for syslog traffic through F5 virtual server

Related Content

Community Learning Path: Multi-Cloud Networking

Cisco ACI Endpoint Learning with a BIG-IP HA Failover

Community Learning Path: Web Application and API Protection (WAAP)

Machine learning is nothing new; the BIG-IP ASM system has been learning for more than a decade

How To learn F5 for beginner