For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Check1t_282465's avatar
Check1t_282465
Icon for Nimbostratus rankNimbostratus
Jul 05, 2017

ASM Policy Allow file type only for specific URL

ASM Newbie Question. Policy learning is offering option to allow file type. I want to allow, but not for entire application but only for specific URL. I did not see option to specify under Applica...
ASM Advanced WAF
security
Ashwin_Venkat's avatar
Ashwin_Venkat
Icon for Employee rankEmployee
Jul 05, 2017

We don't have a feature that lets you allow a file type only for a specific URL. As an alternative approach, you can use the ASM::unblock iRule command to unblock any request that gets blocked as a result of containing this particular file type that needs to be allowed for a URL.

For example, if "aspx" is the file type you want to allow only for a particular URL and that URL is, say, /index.aspx, then you can use an iRule similar to the following to have ASM unblock the request that it blocked in the first place (with 'Illegal File Type'):

when ASM_REQUEST_DONE {
     if {[ASM::violation names] contains "VIOLATION_OBJ_TYPE" and [string tolower [HTTP::uri]] contains "/index.aspx"}
     {
            ASM::unblock
            log local0. "ASM unblocking [HTTP::uri]"
     }
}

Make sure you have 'Trigger ASM iRule Events' option enabled for the relevant policy under Security Policy Properties section to ensure ASM iRule events get triggered.

For more info: https://devcentral.f5.com/wiki/irules.asm__violation_data.ashx https://devcentral.f5.com/wiki/irules.asm__unblock.ashx https://devcentral.f5.com/wiki/iRules.ASM_REQUEST_DONE.ashx