Forum Discussion

Steve_88099's avatar
Steve_88099
Icon for Nimbostratus rankNimbostratus
Nov 08, 2011

ASM length of Illegal URL

Hi,     I'm new to working with ASM, I have a policy in blocking mode in our test environment and the error I'm researching is :   Request blocked, violations: Illegal URL length   ...
app sec
BIG-IP Access Policy Manager (APM)
security
Steve_88099's avatar
Steve_88099
Icon for Nimbostratus rankNimbostratus
Nov 16, 2011
Thanks for the replies, below is the added detail on my Blocked transaction.

 

If I understand Nathans post under Options Advanced Configuration

 

ecard_max_http_req_uri_len

 

 

the default is set to 2048,

 

 

I'm guessing changing this would affect all application URLs.

 

 

I would like to adjust the length longer then default for ONLY the relative starting

 

URI /AdminCategories.do.......

 

 

How do I do that?

 

 

Thanks.

 

 

 

From Export Security Events Report:

 

 

Requested URL: [HTTPS]

 

Web Application: my.company.com_asm

 

Source IP Address: xx.xx.177.200:24454

 

Destination IP Address: xx.xx.5.62:443

 

Country: United States

 

Time: 2011-11-09 14:37:55

 

Request Status: Illegal, Blocked

 

Severity: Warning

 

Response Status Code: N/A

 

Potential Attacks: N/A

 

Detected Violations:

 

Violation Severity Learn Alarm Block

 

Illegal URL length Warning Yes Yes Yes

 

 

Request

 

GET

 

/AdminCategories.do?method=Save&selectedCategories (Thousands of characters...)