Forum Discussion

Icon for Altostratus rank

Altostratus

Aug 20, 2020

ASM security policy with Atlassian Confluence

Has anybody configured an Atlassian Confluence server behind an F5 with ASM security? I find that it's getting LOTS of false positives that I'm hesitant to accept, mostly of the SQL injection variet...

ASM Advanced WAF

Icon for Altostratus rank

Altostratus

I've made sure that the JSON profile is is first in line, but looking more closely at this, I'm seeing that the problematic POST requests are coming in as

Content-Type: text/plain

with

Accept: application/json, text/javascript, */*; q=0.01

I'm assuming this explains why it's not parsing properly? Or should it be recognizing the content as JSON automatically?

Ivan_Chernenkii

Icon for Employee rank

Employee

Aug 24, 2020

Hello Julie,

Could you provide example of failed requests and configuration of "Header-Based Content Profiles" of URL in policy, which this request matches?

Thanks, Ivan

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming