Forum Discussion

Altocumulus

Dec 23, 2023

Body in GET or HEAD requests

Hello All ! Is there a way to allow only "Body in GET or HEAD requests" and not all the HTTPS Compliance in the ASM Policy ? Thanks

security

Daniel_Wolf

MVP

Dec 26, 2023

Hi Yanik,

just go to Security ›› Application Security : Policy Building : Learning and Blocking Settings, choose your policy from the drop down menu and enable / disable the violations from the HTTP protocal compliance failed section. Save and apply policy.

KR
Daniel

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Body in GET or HEAD requests

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

ASM/AWAF declarative policy

Changes to DO and AS3 GitHub - no longer monitored

Help with SSH Virtual Server

GRE Tunnel Issue

Help with an iRule to disconnect active connections to Pool Members that are "offline"

Related Content

NGINX Plus Request body Rate Limit with the NJS module and javascript

HTTP Request Smuggling Using Chunk Extensions (CVE-2025-55315)

Wearables Head to Tail

Any way to cache HEAD request

Logging DNS Requests

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS