Forum Discussion

Cirrostratus

Sep 28, 2016

ASM Violation "HTTP Header Injection"

Hi Folks, in the last days I saw the violation "HTTP Header Injection" very often in my manual traffic learning. When looking at the request I can't really understand, what causes this violation...

ASM Advanced WAF

security

Tikka_Nagi_1315

Historic F5 Account

Sep 29, 2016

Without seeing the actual HTTP Request it's difficult to answer this question. You could open a support case and provide the details.

The violation 'HTTP Header Injection' is triggered by Signature ID 200018023. You can disable the signature 200018023 and customize a new signature to allow “0xa” and “0xd”. Please refer to the manual chapter: https://support.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-config-11-3-0/asm_attack_sigs.html?sr=474886781031942

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

ASM Violation "HTTP Header Injection"

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

[ASM] - How to disable the SQL injection attack signatures

[ASM] : SQL-INJ "end-quote UNION" - How to allow this signature to specific url/uri/parameter only

Changes to DO and AS3 GitHub - no longer monitored

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

Help with SSH Virtual Server

Related Content

KEV Guardrails on BIG-IP: iRules + AWAF custom violations for Vite, Versa Concerto, and Zimbra

Separating False Positives from Legitimate Violations

Rate limiting GraphQL API query using iRule and Advanced WAF Violation

Icontrol REST upload and apply policy- section "http-protocols" ignored?

You Want Action on a Threshold Violation? Use iCall!

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS