For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Icon for Cirrus rank

Cirrus

Mar 12, 2023

Block access to one specific URL containing a keyword from ASM

Dear Support, Using ASM, I need to block access to one specific URL if request contains a keyword "KHTML". All other URLs requsts containing "KHTML" should not be blocked. Kindly support in this r...

application delivery

Icon for MVP rank

MVP

Mar 12, 2023

yes, that's possible. One way to achieve this would be:

1. Create an Attack Signature that looks for .khtml in the query string and assign it to the ASM policy.

2. Create a wildcard URL where you want to block the khtml extension, like /subfolder1/*, in the allowed URLs.

3. Add the Signature to your ASM policy.
4. Create an exception for any URL, not use the attack signature. In my example, I created an exception for the wildcard (*) URL.

This way the block-khtml Attack Signature will only be applied to the Allowed URL you created.

KR
Daniel

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5