Forum Discussion

Nimbostratus

Jul 08, 2010

Attack signature not triggered

Hello, We had a visit from an attacker last night and ASM did not trigger on this URI: /content/job-details.php?id=-49893%20UNION%20SELECT%20CHAR(97,102,56,56,48,48,55,53,97,97)--1...

app sec

BIG-IP Access Policy Manager (APM)

security

hoolio

Cirrostratus

Jul 08, 2010

Sorry, that would only have worked if you were logging all requests. You could also append a query string parameter with a ' or some other metacharacter that is marked as illegal to trigger a violation.

Aaron

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Attack signature not triggered

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

CVE mitigation on F5 XC vs classic F5 WAF

Could not communicate with the system. Try to reload page.

F5 XC 503 upstream_reset_before_response_started{protocol_error}

UCS Encryption Question

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

Custom Attack Signatures

Mitigating JSON-based SQL injection with BIG-IP ASM / Advanced WAF Attack Signatures

Wildcard Parameter signature attack

Post-Quantum Cryptography, OpenSSH, & s1ngularity supply chain attack

Default Attack Signature Sets

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS