Forum Discussion

Cirrus

Aug 23, 2022

Attack Signature Detected "Type="

Hello, I have some users that are receiving an F5 error page with a session ID. Looks like the WAF detected a false positive. I've included a screenshot of the violation. Has anyone come across this...

security

Mohamed_Salah_

MVP

Aug 24, 2022

Hello,

can you share the screenshotsyou are talking about? also, could you please share a screenshot from the policy builiding settings for this policy?

Thanks,

Mohamed Salah

Mohamed_Salah_
MVP
Aug 24, 2022
Hello,

Sorry, didn't notice the attached screenshot. this logs shows that this attack signature wasn't the reason for blocking as only learn and alarm are enabled for this.
So, please can show us the while request along with the policy building settings.

Thanks,
Mohamed Salah

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Attack Signature Detected "Type="

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

Allow support of Grant Type "Client Credentials"

exclude HTTP::header value Content-Type] equals "text/xml; charset=utf-8" from SSL redirect

JA4 Part 2: Detecting and Mitigating Based on Dynamic JA4 Reputation

SSL Orchestrator Advanced Use Cases: Detecting Generative AI

Operationlizing Online Fraud Detection, Prevention, and Response

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS