Jan 12, 2011

ASM question - checking blocked words




I am a bit of an ASM newbie. I am trying to check out an ASM violation we are getting that is preventing users from entering information into a form.



We are getting the following error in the logs –


Request blocked, violations: Attack signature detected. support id: 15443836896202340293



Is there a way of seeing what words / signatures have been violated?


We are using 10.1.0 Build 3402.0






  • Hi Grant,



    Here are steps you can use to get details on the attack signature:



    1. Navigate in the GUI to Application Security | Reporting | Requests
    2. Expand the filter list
    3. Enter the Support ID in the Support ID filter
    4. Click search
    5. Click on the requested URL for the returned record
    6. Click on Attack signature detected
    7. In the popup, click the 'View details...' link



    The portion of the request which matched the attack signature should be highlighted in red.



    You can get the attack signature name from the /var/log/asm log file as well.