Forum Discussion

Nimbostratus

Jan 29, 2015

Bare byte decoding and French characters

Currently, our ASM policies are configured with bare byte decoding check activated. However, this poses problems, as some of our legitimate French pages are flagged with this error. Specifically, it ...

Cirrocumulus

Jan 29, 2015

Not sure how granular you can be with Evasion Techniques, not very I believe.

Do you get learning suggestions? Is it triggered on a parameter value? I wonder if you can create an explicit parameter and uncheck "check characters on this parameter value"?

Other option (more complicated I know) is do traffic classification (via http class or local traffic policy dependant on your TMOS version) and divert the french pages, say /france, to a different security policy configured as Western European.

Not sure if you want to allow the violation on the specific entity/page or just stop it from being logged? Not sure if you can stop it being logged.

Hope this is some help,

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Bare byte decoding and French characters

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Decoding the IPv4 address from the persistence cookie

Allow French characters on ASM

Decoding PCI-DSS v4.0: F5's Ridiculously Easy Guide to Technical Compliance

Fully Decode URI

Decode BIG-IP performance files

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS