For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

haritan_132923's avatar
haritan_132923
Icon for Nimbostratus rankNimbostratus
Sep 04, 2013

BIG-IP false SQL injection alarm when trying to update a Wordpress page

Hi all, first of all, I am not sure if I ask this question in the right forum. Please direct me to the right one if this is not the place to ask this question.   I host my Wordpress-based website ...
security
boneyard's avatar
boneyard
Icon for MVP rankMVP
Sep 04, 2013

it might help if you ask the hosting provider the exact ASM violation, that might help a little.

 

the issue probably is that the combination of your ")" together with the rest of the query constructs something the ASM sees as a possible SQL injection. silly example: the ASM look for: select from () and your ) completes a select from ( in the wordpress code thereby triggering the signature.

 

you just disable one signature, so the effect should be limited.