For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Icon for Nimbostratus rank

Nimbostratus

Oct 05, 2016

block url at root level

I want to block a url if there are no parameters or parameter value is incorrect

ASM Advanced WAF

3 Replies

Shaun_Simmons1
Altostratus
Oct 05, 2016
Can you or a member of your team modify the permissions to the root level to deny access, rather than doing it at the F5 level as a band aide ?
Shaun_Simmons1
Altostratus
Oct 05, 2016
You can apply an iRule that 302 redirects users to a specific URI, on the VS and if it does not "start_with" the URI, then redirect them to correct one.

At least that is my thoughts on an iRule ha!
samstep
Cirrocumulus
Oct 16, 2016
Yes, this is easily done with ASM - flag a parameter as mandatory, disallow empty value and make sure you are blocking on relevant violations:

Illegal number of mandatory parameters

Illegal empty parameter value

Illegal parameter data type
Illegal parameter numeric value

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5