Forum Discussion

Nimbostratus

May 05, 2009

Check only for Attack Signature

Hi@all, I try to build a base configuration that only checks for Attack Signature. To do this, i created a new HTTP class and in this, I select customer configuration and...

app sec

BIG-IP Access Policy Manager (APM)

security

Benjamin_9036

Historic F5 Account

May 05, 2009

Hey Bjoern,

The HTTP Class filters are not the security checks which are applied - they are strictly the filtering criteria that determine which traffic is processed by which security policy.

The change what violations a specific policy is looking for try looking in the Blocking Policy - found here: "Application Security -> Web Applications -> *pick your application* -> Policy -> Blocking -> Settings".

This is the list of how the ASM will treat each violation type it sees. Simply remove the checks for Learn, Alarm, and Block for all of the violations you don't want the policy to check. =]

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Check only for Attack Signature

F5 Academies Are Back – And We’re Coming to a City Near You

Introducing the F5 Application Study Tool (AST)

Recent Discussions

Big-Ip Edge Client specials characters problems

Which encyrtion algorithm is used when making Kerberos ticket encyrtion.

iControl for Gtm wideip

About F5 idle timeout and keep-alive

Problem with sending BotDefense logs to remote server

Related Content

Mitigating JSON-based SQL injection with BIG-IP ASM / Advanced WAF Attack Signatures

Wildcard Parameter signature attack

Exploit PowerShell, Ransomware Attack Report, Active Cyber Defense, Attack to GPS

Live Update- ASM attack signatures

Default Attack Signature Sets

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS