Forum Discussion
NimbostratusASM module blocking legal request - need a bit help to solve it the best way..
hi out there we have an application where our users have hit a limit which is causing the F5 ASM module (BigIP 11.3) to block the request because it is looking at it as a Dos Attack - http protocol compliance failed where the ASM modules HTTP validation module has checked maximum number of parameters to be to high in request (5622 - and this must be items - not bytes):
Number of total parameters <5622> in request (query string and post-data) exceed maximum limitation
As far as I can see this must be a parameter I can increase a bit under Security -> Protocol Security -> Security Profiles -> Http Profile Properties and then under REquest checks - or os this the wrong location? In that screen there is a length check defined for a Query string of 1k and a post data length of 15360 kbytes - but not any specific for number of parameters??
Now - since I from bad experience with this ASM module know that it is not always obvious what to modify so I would try here to ask first before I just try to increase some parameters...
best regards /ti
4 Replies
Cory_50405Noctilucent
You should set this configuration item per policy.
Security -> Application Security -> Blocking -> Settings
Then select the policy you want to modify.
Under the RFC Violations section, there'll be a clickable 'HTTP Protocol Compliance Failed' option. Under this will be a configurable field for maximum number of parameters. Modify it here.
tiwanghi - thanks for the fast reply - you are right - there is a field there where the default is 2000 parameters - I will try to increase it to 6000
thanks /ti
- tiwang
of course - cannot set it to 6000 - max is 5000 - hmm - suggestions? best regards /ti
John_BuchananI'm getting a protocol compliance failure on URL length, where do I adjust that? I know I can adjust these things on allowed Files but not sure about URLs.
"Unparsable request content - URL length: 2925 exceeded maximum limit of: 2048"
