For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Niko_83038's avatar
Niko_83038
Icon for Nimbostratus rankNimbostratus
Sep 05, 2011

CRC webpages - Anti-defacement

Hi all,

 

 

I'm looking for a feature to protect my application (static content) against defacement.

 

I would like to know if ASM is able to perform a kind of CRC for each webpages of my application to raise an alert if the content is changed.

 

 

Thanks in advance.

 

app sec
BIG-IP Access Policy Manager (APM)
security

2 Replies

  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Sep 07, 2011
    Hi Niko,

     

     

    I don't believe ASM supports this type of functionality. If you'd like to have it considered for addition to the product, you could open a case with F5 Support requesting the enhancement.

     

     

    You can use the Dataguard feature to look for bad patterns in response content. But I think the general best practice is to try to validate requests and prevent a web app from being compromised in the first place.

     

     

    Aaron
  • Ido_Breger_3805's avatar
    Ido_Breger_3805
    Historic F5 Account
    Sep 07, 2011
    Hi Niko,

     

    While ASM do not have a CRC checks, if you deploy ASM in front of this website you will significantly reduce the likelihood of a remote defacement attempt to succeed.

     

    Your use case is pretty unique because most of the websites today are dynamic in the sense that they either will display a different page to a different user ("Welcome Niko"),or that the rate in which the pages content is updated is really fast. I'm not hinting that these challenges cannot be solved, but if you do have a WAF, and it is configured properly, the risk of defacement is really low.