Forum Discussion

mayurtanna's avatar
Icon for Nimbostratus rankNimbostratus
Jan 18, 2024

AWS WAF F5 rules - Does it also scans file ?

In one of API request in our application where we upload a file is getting blocked by F5 rule 

"ruleId": "rule_SQL_INJ_end_quote_UNION__Parameter__AllQueryArguments_Body". Can someone confirm if F5 also scans the file and identify potential vulnerability ? 

1 Reply

  • Any ISV that provides WAF rules to AWS is subject to how the AWS WAF engine and HTTP work. When a file is uploaded via HTTP it is attached to the HTTP POST request as the body. This could be a multipart form, raw content or a URL link to upload.  The AWS WAF engine is capable of scanning the body up to the size limts.  

    What was logged in the terminating rule matching details -  "terminatingRuleMatchDetails": [],?