Forum Discussion

Altostratus

Aug 20, 2020

ASM security policy with Atlassian Confluence

Has anybody configured an Atlassian Confluence server behind an F5 with ASM security? I find that it's getting LOTS of false positives that I'm hesitant to accept, mostly of the SQL injection variet...

Cirrus

Oct 21, 2020

Hey Julie, just curioius as I am building a policy for this as well.. did you end up finding any easier way? Or did it really come down to adding the correct URLs with the associated content profiles. The Content-Type headers is more so what I am curious about... the fact that the I'd expect to see application/json but instead it is text/plain is so weird.

Can't find Atlassian docs that explain why the app behaves in that way. Or if there's a case where I'd see POST data using the text/plain header and the body isn't JSON.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

ASM security policy with Atlassian Confluence

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

F5 Security Podcasts

Confluence Arbitrary File Write via Path Traversal (CVE-2019-3398)

Get Started with WAAP Security Incidents

My Security+ Certification Journey

Certifications for security professionals

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS