Forum Discussion

Altostratus

Jul 17, 2019

Content-length Detected as 0; False detection ASM

There are many blocks that I can see for reason 'post request with content-length 0' but those are genuine requests. What could cause this false detection? Please guide

Altostratus

Yes so ASM treats this as a - HTTP Parser Attack, because the content length should be a positive number. If there are valid requests then disable - Content length should be a positive number under - HTTP protocol compliance.

smalex

Altostratus

Jul 17, 2019

We would not want to disable this check. I would like to know reason why it is detected as content 0 when it is actually not. It is a registration page and even when all fields are filled, page is detected as content 0.

Forum Discussion

Content-length Detected as 0; False detection ASM

Recent Discussions

GTM Packet Capture command

Wildcard SSL Certificate Deployment on F5 LTM

Migration from i series 10200 with 1 child VCMP to r series 10900 series

Open Redirection Mitigation

How to Implement 2 Way SSL in F5 LTM

Related Content

SSL Orchestrator Advanced Use Cases: Detecting Generative AI

End-to-End Fraud and Risk Detection with F5 Distributed Cloud

Operationlizing Online Fraud Detection, Prevention, and Response

Detect and stop exfiltration attempts with F5 Distributed Cloud App Infrastructure Protection

Bidirectional Forwarding Detection (BFD) Protocol Cheat Sheet