AWS WAF F5 rules - Does it also scans file ?

Question

In one of API request in our application where we upload a file is getting blocked by F5 rule&nbsp;"ruleId": "rule_SQL_INJ_end_quote_UNION__Parameter__AllQueryArguments_Body". Can someone confirm if F5 also scans the file and identify potential vulnerability ?&nbsp;

heath_parrott · Answer

Any ISV that provides WAF rules to AWS is subject to how the AWS WAF engine and HTTP work. When a file is uploaded via HTTP it is attached to the HTTP POST request as the body. This could be a multipart form, raw content or a URL link to upload. The AWS WAF engine is capable of scanning the body up to the size limts.

What was logged in the terminating rule matching details - "terminatingRuleMatchDetails": [],?

Forum Discussion

AWS WAF F5 rules - Does it also scans file ?

1 Reply

Recent Discussions

CITRIX remote desktop solution using F5 APM

BIG-IP rseries license

F5 iRule to route traffic based on AS2 headers doesnt work

Trouble with TCP::option set 28

LDAPS: intermittent login issues

Related Content

OWASP Automated Threats - OAT-014 Vulnerability Scanning

Logging all AFM Rules

F5 Rules for AWS WAF - Rule ID to Attack Type Reference

AFM Protocol Inspection rules for CVE-2022-3602 (aka SpookySSL)

F5 rules for AWS WAF Terraform