G_Baiamonte
May 10, 2021Nimbostratus
Clarification about WebSocket and ASM
As indicated in https://support.f5.com/csp/article/K14754, if an application uses websockets and an ASM policy has been activated on the related virtual server, a websocket profile is expected to be associated with that virtual server; if the websocket profile is missing, traffic interruptions occur despite the WAF policy being in transparent mode.
Is it possible to disable checks on the ASM policy relating to websockets instead of associating a websocket profile to the virtual server?
Sure, you can de-select the blocking option for all WebSocket-related violations on the Learning and Blocking Settings page.